Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14268
HistorySep 14, 2006 - 12:00 a.m.

[eVuln] indexcity SQL Injection and XSS Vulnerabilities

2006-09-1400:00:00
vulners.com
14
JSON

New eVuln Advisory:
indexcity SQL Injection and XSS Vulnerabilities
http://evuln.com/vulns/135/summary.html

--------------------Summary----------------
eVuln ID: EV0135
CVE: CVE-2006-4323 CVE-2006-4324
Vendor: CityForFree
Vendor's Web Site: http://www.cityforfree.com/
Software: indexcity
Sowtware's Web Site: http://www.cityforfree.com/free_script.htm
Versions: 1.0
Critical Level: Moderate
Type: Multiple Vulnerabilities
Class: Remote
Status: Unpatched. No reply from developer(s)
PoC/Exploit: Available
Solution: Not Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

-----------------Description---------------

  1. SQL Injection.

Vulnerable script: list.php

Parameter cate_id is not properly sanitized before being used in SQL
query. This can be used to make any SQL query by injecting arbitrary SQL
code.

Condition: magic_quotes_gpc = off

  1. Cross-Site Scripting.

Vulnerable Script: add_url2.php

Parameter url is not properly sanitized. This can be used to post
arbitrary HTML or web script code.

--------------PoC/Exploit----------------------
Available at: http://evuln.com/vulns/135/exploit.html

--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Regards,
Aliaksandr Hartsuyeu
http://evuln.com - Penetration Testing Services
.

Related

packetstorm 1
cve 2
packetstorm
packetstorm
EV0135.txt
2006-09-14 00:00:00
cve
cve
CVE-2006-4323
2006-08-24 01:04:00
CVE-2006-4324
2006-08-24 01:04:00
JSON
Related for SECURITYVULNS:DOC:14268
packetstorm1cve2