`# Exploit Title: Paliz Portal [Sql-XSS] Multiple Vulnerabilities
# Date: 2011.07.02
# Author: Net.Edit0r
# Version : All versian
# Tested on: Windows server 2003
# CVE : -
-----------------------------------------------------------------------------------------
Paliz Portal [Sql-XSS] Multiple Vulnerabilities
-----------------------------------------------------------------------------------------
Author : Net.Edit0r
# Date: 2011.07.02
Location : Iran
Web : http://Black-Hg.Org & http://mn-team.net/
Critical Lvl : Medium
Where : From Remote
My Group : Black Hat Group #BHG
---------------------------------------------------------------------------
Vulnerability:
~~~~~~~~~~~~
./ >>> Page.aspx?search=1[XSS Code]&mID=1641&Page=search/advancedsearch [XSS]
./ >>> News/shownews/[page].aspx?NewsId=[Sqli] 1:[Sql Access ]
./ >>> Default.aspx?tabid=[Sqli] 2:[Sql Access ]
PoC/Exploit:
~~~~~~~~~~
~ [PoC] ~: Http://target.com/Page.aspx?search=1[XSS
Code]&mID=1641&Page=search/advancedsearch
~ [PoC] ~: Http://target.com/News/shownews/[page].aspx?NewsId=[Sqli]
~ [PoC] ~: Http://target.com/[Path]/Default.aspx?tabid=[Sqli]
Dork:
~~~~~
Google : intext:"Paliz Portal"
Timeline:
~~~~~~~~~
- 11 - 05 - 2011 bug found.
- 29 - 06 - 2011 vendor contacted, but no response.
- 2 - 07 - 2011 Advisories release.
Contact:
~~~~~~~~~
[email protected] ~ [email protected]
---------------------------------------------------------------------------
Greetz To :DarkCoder | 3H34N | Amir-MaGiC | H3x | D3adlY and all bhg member
Spical Th4nks: B3hz4d | Cru3l.b0y | M4Hd1 | HUrr!c4nE | Mikili And All
My Friendz
Web Greetz :http://Black-Hg.Org & http://mn-team.net/ & http://pentesters.ir/
[!] Persian Gulf 4 Ever
[!] I Love Iran And All Iranian People
-------------------------------- [ EOF ] ----------------------------------
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation