EliteHackers
Thread: XSS, SQL injection vulnerability in WmsCMS (EliteHackers / Exploituri; moderated by Ad_Infinitum, AntiKiler, Puscas_marin, r3v)
r3v
Moderator

Registered: 16 years ago
Posts: 1158


Code:

# EDB-ID: 13739
# CVE: CVE-2007-3137
# OSVDB-ID: 37144
# Author: Ariko-Security
# Published: 2010-06-06
# Verified: Yes

# Title: XSS, SQL injection vulnerability in WmsCMS
# Author: Ariko-Security
# Published: 2010-06-05
  
  
============ { Ariko-Security - Advisory #1/6/2010 } ============= 
  
XSS, SQL injection vulnerability in WMSCMS 
  
2007 Secunia Advisory SA25583 (only XSS 3 params) 
  
  
Vendor's Description of Software: 
# http://www.wmsdesign.net 
Demo 
# http://wmscms.com 
  
Dork: 
# n/a 
  
Application Info: 
# Name: WMSCMS 
# ALL versions 
  
Vulnerability Info: 
# Type: XSS 
# Type: SQL injection Vulnerability 
  
Fix: 
# N/A 
  
Time Table: 
# 10/05/2010 - Vendor notified. 
  
Input passed via the "search","sbr","pid","sbl","FilePath" parameters to default.asp is not properly sanitised before being used in a SQL query.

Input passed via the "sbr","pr","psPrice" parameters to printpage.asp is not properly sanitised before being used in a SQL query.

Input passed to the "search","sbr","p","sbl" parameters in default.asp is not properly sanitised before being returned to the user.
  
Solution: 
# Input validation of all mentioned parameters should be corrected. 
  
Vulnerability: 
SQLi & BSQLi 
# http://[site]/default.asp (Parameter search) 
# http://[site]/default.asp (Parameter sbr) 
# http://[site]/default.asp (Parameter pid) 
# http://[site]/default.asp (Parameter sbl) 
# http://[site]/default.asp (Parameter FilePath) 
# http://[site]/printpage.asp (Parameter sbr) 
# http://[site]/printpage.asp (Parameter pr) 
# http://[site]/printpage.asp (Parameter psPrice) 
  
xss 
# http://[site]/default.asp (Parameter = search)  
# http://[site]/default.asp (Parameter = sbr) 
# http://[site]/default.asp (Parameter = p) 
# http://[site]/default.asp (Parameter = sbl) 
  
Credit: 
# Discovered By: MG / Ariko-Security 2010
# http://secunia.com/advisories/25583/ (XSS 3 params) 
  
Advisory: 
# http://www.ariko-security.com/june2010/audyt_bezpieczenstwa_692.html 
  
  
Ariko-Security 
  
tel.: +48512946012 (Mo-Fr 10.00-20.00 CET)



_______________________________________
http://thieves-team.com
r3vyk.info
messenger ID: only via PM, because 10000 retards who play Metin have added me

posted 16 years ago
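As an added example (not part of the advisory, the forum post, or the WmsCMS project), the following Python turns the advisory's endpoint/parameter list into a detection check over IIS W3C-style log lines: a request to default.asp or printpage.asp whose listed parameters carry SQL or HTML metacharacters is flagged with the vulnerability class the advisory attributes to that parameter. The log field layout, the sample lines, and the IP addresses are constructed; the parameter-to-class map is taken from the advisory text above; the two regexes are a deliberately narrow heuristic for illustration, not a WAF rule set.

```python
# Added example: flag requests to the WmsCMS endpoints/parameters named in the
# Ariko-Security advisory when the values carry SQL or HTML metacharacters.
# Log layout below is an assumed (constructed) IIS W3C field order.
import re
from urllib.parse import parse_qs, unquote_plus

# Endpoint -> parameter (lower-cased) -> vulnerability classes from the advisory.
ADVISORY = {
    "/default.asp": {
        "search": {"sqli", "xss"}, "sbr": {"sqli", "xss"}, "sbl": {"sqli", "xss"},
        "pid": {"sqli"}, "filepath": {"sqli"}, "p": {"xss"},
    },
    "/printpage.asp": {"sbr": {"sqli"}, "pr": {"sqli"}, "psprice": {"sqli"}},
}

# Narrow indicators: a quote followed by a SQL keyword/comment, a UNION/SELECT ... FROM
# fragment, or an HTML tag / script-URL / inline event handler.
SQLI_RE = re.compile(r"'\s*(or|and|union|select|--|;|/\*)|\b(union|select)\b.*\bfrom\b", re.I)
XSS_RE = re.compile(r"<\s*/?\s*[a-z]|javascript:|on\w+\s*=", re.I)
CHECKS = {"sqli": SQLI_RE, "xss": XSS_RE}


def flag_request(line: str):
    """Return a list of (endpoint, parameter, kind) findings for one log line.

    Assumed field order (constructed):
    date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
    """
    fields = line.split()
    if len(fields) < 7 or fields[0].startswith("#"):
        return []  # directive/comment line or malformed record
    stem, query = fields[4].lower(), fields[5]
    params = ADVISORY.get(stem)
    if not params or query == "-":
        return []  # endpoint not covered by the advisory, or no query string
    findings = []
    for name, values in parse_qs(query, keep_blank_values=True).items():
        kinds = params.get(name.lower())
        if not kinds:
            continue
        for value in values:
            value = unquote_plus(value)  # second decode catches double-encoded values
            for kind in sorted(kinds):
                if CHECKS[kind].search(value):
                    findings.append((stem, name, kind))
    return findings


def scan_log(lines):
    """Return (line_number, finding) pairs for every flagged request in a log."""
    return [(n, f) for n, line in enumerate(lines, 1) for f in flag_request(line)]


# Constructed sample log: one benign and one suspicious request per endpoint,
# plus a request to a page the advisory does not cover.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2010-06-06 10:01:02 198.51.100.7 GET /default.asp search=lamp 200
2010-06-06 10:01:09 198.51.100.7 GET /default.asp search=%27+OR+%271%27%3D%271 200
2010-06-06 10:01:15 198.51.100.7 GET /default.asp p=%3Cscript%3Ealert(1)%3C/script%3E 200
2010-06-06 10:02:00 203.0.113.5 GET /printpage.asp pr=12&psPrice=9.99 200
2010-06-06 10:02:30 203.0.113.5 GET /printpage.asp pr=12%27+UNION+SELECT+1+FROM+x-- 500
2010-06-06 10:03:00 203.0.113.5 GET /about.asp search=%27+OR+1%3D1 200
""".splitlines()

if __name__ == "__main__":
    for line_no, (endpoint, param, kind) in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {kind.upper()} indicator in {endpoint} parameter {param!r}")
```

Because the map records which class the advisory assigns to each parameter, a tag-like value in a printpage.asp parameter is not reported as XSS (the advisory lists only SQL injection there), while the same value in default.asp's "p" is. Parameter names are compared case-insensitively so that "psPrice" in a request matches the advisory's spelling, and values are decoded a second time so a double-encoded payload does not slip past the checks.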