TimberWolf 1.2.2 vulnerable to XSS

Advisory Text :

-=[--------------------ADVISORY-------------------]=-

TimberWolf 1.2.2

Author: CorryL [corryl80 (at) gmail (dot) com [email concealed]]

-=[-----------------------------------------------]=-

-=[+] Application: TimberWolf
-=[+] Version: 1.2.2
-=[+] Vendor's URL: http://cms.gamezrule.org/index.php
-=[+] Platform: WindowsLinuxUnix
-=[+] Bug type: Cross-Site Script
-=[+] Exploitation: Remote
-=[-]
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~
-=[+] Reference: www.x0n3-h4ck.org
-=[+] Virtual Office: http://www.kasamba.com/CorryL
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck
-=[+] Special Thanks: Merry Christmas for All, Thanks for all #x0n3-h4ck
member,
un saluto a tutti gli avolesi nel mondo.

..::[ Descriprion ]::..

TimberWolf is Powered by PHP and runs off an MySQL database.
It has quite a few distinctive features amongst others.

It is 100% Freeware.
It is 100% easy to skin, and use.
It is 100% of everything you need.

The Admin Control Panel is Very simple, whereas the site itself looks the
opposite.

..::[ Bug ]::..

this software is vulnerable to a type of called bug
cross-site script, a remote attaker is able to exploit
this vulnerability to draw information

..::[ Proof Of Concept ]::..

http://remote
site/shownews.php?nid=>'><ScRiPt%20%0a%0d>alert(1261667191)%3B</ScRiPt>

..::[ Workaround ]::..

..::[ Disclousure Timeline ]::..

[19/12/2006] - Vendor notification
[24/12/2006] - Public disclousure

Security

IT News

Search

SecurityAlert Database

About SecurityAlert

ExploitAlert Database

SecurityReason Research

WLB Database

Send to WLB

About WLB

Security Audit

Schedule

Prices of services

Contact

SecurityReason IT News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

Contact

About SecurityReason

TimberWolf 1.2.2 vulnerable to XSS