Bitweaver 2.8.1 Multiple Cross-site Scripting Vulnerabilities
sschurtz
Bitweaver 2.8.1 Multiple Cross-site Scripting Vulnerabilities
Posted:29 Sep 2011 (02:34 UTC)Hi,
I will inform you about some XSS vulernabilities in Bitweaver 2.8.1:
target/bitweaver/users/register.php/"
target/bitweaver/blogs/rankings.php/"
target/bitweaver/articles/edit.php/"
target/bitweaver/articles/list.php/"
target/bitweaver/calendar/index.php/"
target/bitweaver/events/list_events.php/"
target/bitweaver/events/index.php/"
target/bitweaver/pigeonholes/list.php/"
target/bitweaver/fisheye/index.php/"
target/bitweaver/recommends/index.php/"
target/bitweaver/rss/index.php/"
target/bitweaver/fisheye/list_galleries.php/"
target/bitweaver/tags/"
target/bitweaver/stencils/index.php/"
target/bitweaver/stencils/list_stencils.php/"
target/bitweaver/wiki/orphan_pages.php/"
target/bitweaver/users/remind_password.php/"
target/bitweaver/blogs/list_blogs.php/"
target/bitweaver/liberty/list_content.php/"
target/bitweaver/quicktags/special_chars.php?textarea_id=');"/>
target/bitweaver/users/register.php -> Email -> '" -> Register
Best Regards,
sschurtz
I will inform you about some XSS vulernabilities in Bitweaver 2.8.1:
target/bitweaver/users/register.php/"
target/bitweaver/blogs/rankings.php/"
target/bitweaver/articles/edit.php/"
target/bitweaver/articles/list.php/"
target/bitweaver/calendar/index.php/"
target/bitweaver/events/list_events.php/"
target/bitweaver/events/index.php/"
target/bitweaver/pigeonholes/list.php/"
target/bitweaver/fisheye/index.php/"
target/bitweaver/recommends/index.php/"
target/bitweaver/rss/index.php/"
target/bitweaver/fisheye/list_galleries.php/"
target/bitweaver/tags/"
target/bitweaver/stencils/index.php/"
target/bitweaver/stencils/list_stencils.php/"
target/bitweaver/wiki/orphan_pages.php/"
target/bitweaver/users/remind_password.php/"
target/bitweaver/blogs/list_blogs.php/"
target/bitweaver/liberty/list_content.php/"
target/bitweaver/quicktags/special_chars.php?textarea_id=');"/>
target/bitweaver/users/register.php -> Email -> '" -> Register
Best Regards,
sschurtz
Page 1 of 1 1