Collabtive v0.6.3 Remote SQL Injection Exploit

2010-06-13 13:04:41

#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Request::Common qw(POST);
use HTTP::Cookies;
use Getopt::Long;

# \#'#/
# (-.-)
# ------------------oOO---(_)---OOo-----------------
# | __ __ |
# | _____/ /_____ ______/ /_ __ ______ ______ |
# | / ___/ __/ __ `/ ___/ __ \/ / / / __ `/ ___/ |
# | (__ ) /_/ /_/ / / / /_/ / /_/ / /_/ (__ ) |
# | /____/\__/\__,_/_/ /_.___/\__,_/\__, /____/ |
# | Security Research Division /____/ 2o1o |
# --------------------------------------------------
# | Collabtive v0.6.3 Multiple Vulnerabilities |
# --------------------------------------------------
# [!] Discovered by.: DNX
# [!] Homepage......: http://starbugs.host.sk
# [!] Vendor........: http://collabtive.o-dyn.de
# [!] Detected......: 04.06.2010
# [!] Reported......: 05.06.2010
# [!] Response......: xx.xx.2010
#
# [!] Background....: Collabtive ist eine web-basierte Projektmanagementsoftware.
# Das Projekt startete im November 2007. Es ist eine
# Open-Source-Software und stellt eine Alternative zu propriet

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.