Vendor: Online Classified System Script
By: L0rd CrusAd3r
CVSS: 8.8 (HIGH)
CWE: 89, 79 (SQL Injection and Cross-Site Scripting (XSS))
Product Name: Online Classified System Script
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: N/A
CPE: 2daybiz/online_classified_system_script
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2010

Online Classified System Script SQLi and XSS Vulnerable

2daybiz online classified system allows users to post new ads, for which a predefined amount can be charged. Billing is handled automatically and seamlessly through many of the popular payment gateways. The system is vulnerable to both SQL injection and cross-site scripting (XSS), and both issues lie in the same input: the 'cid' parameter of the 'categorysearch.php' script. Crafted SQL sent in that parameter reaches the database query (SQL injection), and script content sent in the same parameter is reflected back into the page (XSS).

Mitigation:

Input validation should be applied to the 'cid' parameter so that malicious SQL and JavaScript cannot reach the database or be reflected into the page. The application should also be kept up to date with the latest security patches.
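As an added example (not code from the advisory or from the 2daybiz product), the validation the mitigation calls for and a matching detection: a strict allow-list check for 'cid' as used by categorysearch.php, plus a scanner that flags access-log requests whose 'cid' would have failed that check. The log lines, IP addresses and the two payloads are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (abbreviated Apache combined format); the
# two payloads stand in for the advisory's generic [sqli] and [xss] placeholders.
SAMPLE_LOG = """\
203.0.113.5 - - [22/Jun/2010:10:01:02 +0000] "GET /classified/categorysearch.php?cid=7 HTTP/1.1" 200 512
203.0.113.9 - - [22/Jun/2010:10:01:03 +0000] "GET /classified/categorysearch.php?cid=7%27%20OR%201%3D1-- HTTP/1.1" 200 9001
203.0.113.9 - - [22/Jun/2010:10:01:04 +0000] "GET /classified/categorysearch.php?cid=%27%22--%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 700
203.0.113.5 - - [22/Jun/2010:10:01:05 +0000] "GET /classified/index.php HTTP/1.1" 200 1024
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
SQLI_HINT = re.compile(r"(?i)('|--|\bor\b|\bunion\b|\bselect\b)")
XSS_HINT = re.compile(r"(?i)(<|>|script|onerror|javascript:)")

def validate_cid(raw):
    """Allow-list check for the 'cid' parameter: a plain positive decimal
    integer, nothing else. Quotes, comment markers, tags and empty values are
    all rejected, so a prepared statement only ever sees an int and the value
    echoed back into the page cannot carry markup."""
    if raw is None or not re.fullmatch(r"[1-9]\d{0,9}", raw):
        return None
    return int(raw)

def scan_access_log(text):
    """Return (line_no, decoded cid, label) for each categorysearch.php request
    whose cid fails validate_cid(); the label is a rough payload class."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if not url.path.endswith("/categorysearch.php"):
            continue
        # parse_qs percent-decodes, so the hints are matched on the real payload
        cid = parse_qs(url.query, keep_blank_values=True).get("cid", [None])[0]
        if validate_cid(cid) is not None:
            continue
        if XSS_HINT.search(cid or ""):
            label = "xss"
        elif SQLI_HINT.search(cid or ""):
            label = "sqli"
        else:
            label = "invalid"
        findings.append((n, cid, label))
    return findings
```

The hint patterns only label what the allow-list check has already rejected; the rejection itself is the control, so a novel payload is still caught as "invalid".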

Exploit-DB raw data:

1               ##########################################             1
0               I'm L0rd CrusAd3r member from Inj3ct0r Team            1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title: Online Classified System Script SQLi and XSS Vulnerable
Vendor URL: http://www.2daybiz.com/
Version: 1
Price: 90$
Published: 2010-06-22
Greetz to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, M4n0j, Sonic Bluehat.
Special Greetz: Topsecure.net, inj3ct0r Team , Andhrahackers.com
Shoutzz:- To all ICW members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:

2daybiz online classified system allows you to start a fully automated classified ads site that includes essential features present in major classifieds sites. Our powerful script written in PHP allows your users to post new ads, for which you can charge a predefined amount. Billing is handled automatically and seamlessly through many of the popular payment gateways. Our classified ads software is fast, simple and fully customized through our built-in editor. 

~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Vulnerability:

*SQLi Vulnerable

DEMO URL:

http://server/classified/categorysearch.php?cid=[sqli]

*XSS Vulnerable

Parameter:'"--><script>alert(0x000872)</script>

DEMO URL:

http://server/classified/categorysearch.php?cid=[xss]

# 0day n0 m0re #
# L0rd CrusAd3r #