Vulners
Lucene search
SiteEnableXSSnSQL.txt
`--Alt-Boundary-29920.9701600
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
Hackers Center Security Group (http://www.hackerscenter.com/)
Zinho's Security Advisory
Title: SiteEnable CMS Multiple Severe XSS and Sql injections
Risk: High
Date: 1/04/2005
Vendor: http://www.siteenable.com/default.asp
Quote from the Vendor: "SiteEnable starts at only $189.00"
I could test siteenable from their online demo: demo.siteenable.com
and after some minute I realized I was on another buggy cms.
---+ XSS:
http://demo.siteenable.com/content.asp?contenttype=%3Cscript%3Ealert(document.coo
kie)%3C/script%3E
Another more severe script injection is in the Submit a Quote page in which neither title
or description fields are sanitized. This can affect all the visitors of the site.
Anyone can inject a silent script and grab anyone's password or cookie.
----+ SQL Injection:
http://demo.siteenable.com/content.asp?do_search=0&keywords=contact&page_no=2&
sortby=;SELECT%20* FROM bla bla--
The sortby parameter is directly passed to the sql string without any check. This is sentor
of mental illness...
Once again I've not thoroughly tested SiteEnable for a time matter and because they do
not provide source code (it is sold at 189$). Probably other vulns can be found.
Author:
Zinho is webmaster and founder of http://www.hackerscenter.com , Security research
portal
Secure Web Hosting Companies Reviewed:
http://www.securityforge.com/web-hosting/secure-web-hosting.asp
zinho-no-spam @ hackerscenter.com
====>
Webmaster of
.:[ Hackers Center : Internet Security Portal]:.
http://www.hackerscenter.com
http://www.securityforge.com/web-hosting
--Alt-Boundary-29920.9701600
Content-type: text/html; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
<?xml version="1.0" ?><html>
<head>
<title></title>
</head>
<body>
<div align="left"><font face="Arial"><span style="font-size:10pt">Hackers Center Security Group (</span></font><font face="Arial" color="#0000ff"><span style="font-size:10pt"><u>http://www.hackerscenter.com/</u>)</span></font><font
face="Arial"><span style="font-size:10pt"> </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Zinho's Security Advisory </span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Title: SiteEnable CMS Multiple Severe XSS and Sql injections</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Risk: High </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Date: 1/04/2005 </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Vendor: http://www.siteenable.com/default.asp</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Quote from the Vendor: "SiteEnable starts at only $189.00"</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">I could test siteenable from their online demo: demo.siteenable.com</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">and after some minute I realized I was on another buggy cms.</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">---+ XSS:</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">http://demo.siteenable.com/content.asp?contenttype=%3Cscript%3Ealert(document.cookie)%3C/script%3E</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Another more severe script injection is in the Submit a Quote page in which neither title
or description fields are sanitized. This can affect all the visitors of the site.</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Anyone can inject a silent script and grab anyone's password or cookie.</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">----+ SQL Injection:</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">http://demo.siteenable.com/content.asp?do_search=0&keywords=contact&page_no=2&sortby=;SELECT%20*
FROM bla bla--</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">The sortby parameter is directly passed to the sql string without any check. This is sentor
of mental illness...</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Once again I've not thoroughly tested SiteEnable for a time matter and because they do
not provide source code (it is sold at 189$). Probably other vulns can be found.</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Author: </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Zinho is webmaster and founder of </span></font><font face="Arial" color="#008000"><span style="font-size:10pt"><u>http://www.hackerscenter.com</u></span></font><font
face="Arial"><span style="font-size:10pt"> , Security research
portal </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Secure Web Hosting Companies Reviewed: </span></font></div>
<div align="left"><font face="Arial" color="#008000"><span style="font-size:10pt"><u>http://www.securityforge.com/web-hosting/secure-web-hosting.asp</u></span></font><font face="Arial"><span
style="font-size:10pt"> </span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">zinho-no-spam @ hackerscenter.com </span></font></div>
<div align="left"><br/></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">====></span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Webmaster of</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">.:[ Hackers Center : Internet Security Portal]:.</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">http://www.hackerscenter.com</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">http://www.securityforge.com/web-hosting</span></font></div>
<div align="left"><br/>
</div>
<div align="left"></div>
</body>
</html>
--Alt-Boundary-29920.9701600--
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
14 Apr 2005 00:00Current
7.4High risk
Vulners AI Score7.4