hola friends,
found some interesting things in the "old" UltraBoard-Forum scripts
(UltraBoard V 1.6)
class:Input Validation Error
remote:Yes
vulnerable:UltraBoard V1.*
vendor: www.ultrascripts.com || www.ub2k.com
Description:
By using the good old NullByte(\000) its possible to open "any" file on the
webserver(with its permissions) running the "UltraBoard" forum-software.
cgi-script:
UltraBoard.pl || UltraBoard.cgi
Variables:
Action=PrintableTopic
Post=[path_including_".."_to_any_file][***NULLBYTE***]
Board=[valid_board]
Idle=10
Sort=0
Order=Descend
Page=0
Session=
hmm ... EOF
nizedays,
rudic
rudicarell@hotmail.com
"getrootallthetime"
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
|
|
|
|
<![CDATA[<p id="vvttv"></p>]]>
|
|
<![CDATA[<p id="vvttv"></p>]]> |
<![CDATA[<p id="vvttv"></p>]]>
<![CDATA[<pre id="vvttv"><cite id="vvttv"><progress id="vvttv"></progress></cite></pre>]]>
|
<![CDATA[<output id="vvttv"><dfn id="vvttv"><th id="vvttv"></th></dfn></output>]]>
<![CDATA[<p id="vvttv"></p>]]> |