Vendor: Lyrics Script
By: Valentin Hoebel
CVSS: 7.5 HIGH
SQL Injection and Cross-Site Scripting
CWE: 89, 79
Product Name: Lyrics Script
Affected Version From: unknown
Affected Version To: unknown
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010
Lyrics Script SQL Injection and Cross-Site Scripting Vulnerabilities
Lyrics Script is vulnerable to SQL Injection and Cross-Site Scripting. The 'search' and 'k' parameters of the 'search_results.php' script allow injection of malicious SQL queries, and the 'k' parameter of the same script allows injection of arbitrary HTML and script code. An attacker can exploit these issues to manipulate SQL queries, steal cookie-based authentication credentials, execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site, and possibly launch other attacks.
Mitigation:
Input validation should be used to prevent SQL injection and Cross-Site Scripting attacks. All input data should be validated and filtered, including data from GET, POST, and COOKIE variables.
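A sketch of how a search handler can apply the mitigation to the 'k' parameter (the 'search' parameter would pass through the same validation and binding). This is an added example, not Lyrics Script's own code: the `lyrics` table, its rows, and all function names are hypothetical, and it assumes PHP with the `pdo_sqlite` extension so it can run against an in-memory database.

```php
<?php
declare(strict_types=1);

// Hypothetical schema and rows (constructed); the advisory does not show the real ones.
function demo_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE lyrics (id INTEGER PRIMARY KEY, title TEXT)');
    $pdo->exec("INSERT INTO lyrics (title) VALUES ('Rock ''n'' Roll Night'), ('Love <3 You')");
    return $pdo;
}

// Validation: accept only a bounded string. ?k[]=x arrives as an array and is rejected.
function read_param(array $query, string $name, int $max = 64): string {
    $v = $query[$name] ?? '';
    return (is_string($v) && strlen($v) <= $max) ? trim($v) : '';
}

// SQL: the value is bound, never concatenated; LIKE wildcards in it are escaped.
function search_titles(PDO $pdo, string $keyword): array {
    $like = '%' . strtr($keyword, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']) . '%';
    $stmt = $pdo->prepare("SELECT title FROM lyrics WHERE title LIKE :k ESCAPE '\\'");
    $stmt->execute([':k' => $like]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// HTML: encode every reflected or stored value at the point of output.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_results(string $keyword, array $titles): string {
    $html = '<p>Results for &quot;' . h($keyword) . '&quot;</p><ul>';
    foreach ($titles as $title) {
        $html .= '<li>' . h($title) . '</li>';
    }
    return $html . '</ul>';
}

// Constructed requests standing in for $_GET on search_results.php.
$pdo = demo_db();
foreach ([['k' => "Rock 'n'"], ['k' => '<3'], ['k' => ['x']]] as $get) {
    $k = read_param($get, 'k');
    echo render_results($k, $k === '' ? [] : search_titles($pdo, $k)), PHP_EOL;
}
```

The quote and angle bracket in the sample keywords reach the database only as bound data and reach the page only as `&#039;` and `&lt;`, which is the property the validation step alone does not guarantee.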