Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12741
HistoryMay 20, 2006 - 12:00 a.m.

Yourfreeworld.com Short Url & Url Tracker Script

2006-05-2000:00:00
vulners.com
20

((This is the second script I've tested from these people. It will be assumed for right now that all of
their scripts contain full path disclosure errors as well as XSS'ing))

Yourfreeworld.com Short Url & Url Tracker Script

Homepage:

http://www.yourfreeworld.com/script/shorturl.asp

Short Url Service with Url Tracker can be one of the most useful tools for any online marketer.
Most of the online marketers don't want to send emails with URLs that break making the recipient have to go
through the work of copying and pasting it into there browser window.
Most of them don't want to use one program to create a tiny url and than having to access another one to
track it .

Effected files:

login.php

Exploit: SQL injection of the file login.php leads to full path disclosures. The form you use to submit urls
in is not filtered either, so a user can submit malicious data like <script> to preform XSS'ing.

Example:

Each action such as reset counter,view, delete etc works to preform the error.

http://www.example.com/shorturl/login.php?mode=resetcounter&amp;id=34&#39;