============================================================== Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O .. CWH Underground Hacking Team .. `+---------------------------^----------| `\_,-------, _________________________| / XXXXXX /`| / / XXXXXX / `\ / / XXXXXX /\______( / XXXXXX / / XXXXXX / (________( `------' AUTHOR : CWH Underground DATE : 22 June 2008 SITE : www.citec.us ##################################################### APPLICATION : Benja CMS VERSION : 0.1 VENDOR : N/A DOWNLOAD : http://downloads.sourceforge.net/benjacms ##################################################### --- Broken Authentication --- Anonymous can access to administrative control that can add/delete menu [+] http://[Target]/[benjacms_path]/admin/ --- Arbitrary File upload --- Upload Path: [+] http://[Target]/[benjacms_path]/admin/upload.php File Location: [+] http://[Target]/[benjacms_path]/billeder/[Evil File] ***Can upload malicious files such as php shell script*** --- Remote XSS Exploit --- --------- Exploit --------- [+] http://[Target]/[benjacms_path]/admin/admin_edit_submenu.php/ [+] http://[Target]/[benjacms_path]/admin/admin_new_submenu.php/ [+] http://[Target]/[benjacms_path]/admin/admin_edit_topmenu.php/ ################################################################## Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos ##################################################################