multiple XSS and SQL Injection in Shoutbox
Summary
- Vulnerability
- multiple XSS and SQL Injection in Shoutbox
- Discovered
- 2006.02.01
- Last Update
- 2006.02.11 Exploitation code published
- ID
- EV0055
- CVE
- CVE-2006-0605 CVE-2006-0606
- Risk Level
- medium
- Type
- Multiple Vulnerabilities
- Status
- Unpatched
- Vendor
- n/a
- Vulnerable Software
- Shoutbox (http://www.unknowndomain.co.uk/)
- Version
- 2005.07.21
- PoC/Exploit
- Available
- Solution
- Not available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
Multiple Vulnerabilities found in Shoutbox (http://www.unknowndomain.co.uk/) script.
Most of user defined data isn't properly sanitized. This can be used to make any SQL query by injecting arbitrary SQL code (authorization or viewing blog and forum) or insert any javascript code (when posting new messages).
Condition for SQL Injections: magic_quotes_gpc - off
PoC/Exploit
XSS Example:
Link: http://host/shoutbox/index.php
Handle: <XSS>
Message: <XSS>
SQL Injection Example:
http://host/shoutbox/index.php?do=edit&id=99'%20union%20select%201,2,3,4,5/*
Solution.
Solution for "multiple XSS and SQL Injection in Shoutbox" is not available. Check vendor's website for updates.