header-logo
Suggest Exploit
vendor:
Science Fair In A Box
by:
L0rd CrusAd3r aka VSN
9,3
CVSS
HIGH
SQL Injection & XSS
89
CWE
Product Name: Science Fair In A Box
Affected Version From: 2.0.6
Affected Version To: 2.0.6
Patch Exists: YES
Related CWE: CVE-2010-2790
CPE: a:sfiab:science_fair_in_a_box
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2010

Science Fair In A Box SQLi & XSS Vulnerability

SFIAB is vulnerable to SQL Injection and XSS attacks. The vulnerability is due to the lack of proper input validation and sanitization of user-supplied data. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow an attacker to gain access to sensitive information stored in the database, such as usernames, passwords, and other confidential data. Additionally, an attacker can also inject malicious JavaScript code into the application, which can be used to steal user credentials or perform other malicious activities.

Mitigation:

The application should be configured to use parameterized queries and input validation should be implemented to ensure that user-supplied data is properly sanitized. Additionally, the application should be configured to use a secure authentication mechanism, such as OAuth or OpenID.
Source

Exploit-DB raw data:

Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title: Science Fair In A Box SQLi & XSS Vulnerability
Version:2.0.6
Price:Free
Vendor url:http://www.sfiab.ca/
Published: 2010-06-09
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer,d3c0d3r and to all
ICW members
###############################################################################################################################################################################################


Science Fair In A Box SQLi & XSS Vulnerability

Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]

#####################################################################################################################################################################################################

Description:

The "Science Fair in a Box" (SFIAB) project provides regions hosting a
science fair with a complete and comprehensive package that can be used to
assist in the implementation and running of the fair.
The SFIAB provides a web based application to facilitate all areas of
running a science fair such as online registration for the participants,
judges, sponsor management, judge scheduling and awards management.
The SFIAB is implemented using open-source tools wherever possible, creating
a truly open and customizable product that fairs can modify to suit their
needs.
However, SFIAB contain enough configuration options to allow fairs to use
the system without any modifications to the underlying codebase. SFIAB is
developed using PHP, with MySQL as the backend database.
Other database backends could be supported in the future. All reports are
created in print-ready PDF format to ensure cross-platform compatibility
where applicable and also available to export as a CSV to external
applications.
All text in SFIAB is internationalized to allow the use of the system in any
language. 'Language Packs' will be available in other language once
translations are complete. (If you'd like to assist in translation, contact
us!)
SFIAB is the most advanced, most comprehensive Science Fair Software in the
world, and is used by many science fairs spread across many different
countries!
#######################################################################################################################################################################################################

Vulnerability:

*SQLi Vulnerability

DEMO URL :http://server/sfiab/winners.php?year=2008&type=Special'

*XSS Vulnerability

Parameter:'"-->

DEMO URL :http://server/sfiab/winners.php?year=2008&type=Special [xss]
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# 0day n0 m0re #
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


##########################################################################################################################################################################################

-- 
With R3gards,
L0rd CrusAd3r

Navigation

Suggest Exploit

Services By CQR