EV0015.txt

`New eVuln Advisory:  
ADNForum Multiple Vulnerabilities  
  
--------------------Summary----------------  
Vendor: Agustin Dondo  
Vendor's Web Site: http://www.agustin.co.nr/  
Software: ADNForum  
Sowtware's Web Site: http://adnforum.sourceforge.net/  
Versions: 1.0b  
Critical Level: Moderate  
Type: Multiple Vulnerabilities  
Class: Remote  
Status: Unpatched  
Exploit: Available  
Solution: Not Available  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
Published: 2006.01.05  
eVuln ID: EV0015  
  
-----------------Description--------------  
1. ADNForum has multiple SQL injection vulnerabilities.  
All user-defined data isn't properly sanitized before being used in SQL queries. This can be used to make any SQL query by injecting arbitrary SQL code.  
Condition: gpc_magic_quotes: off  
  
2. Multiple XSS Vulnerabilities.  
All user-defined data isn't properly sanitized before being posted. This can be used to post any html or script code.  
  
  
  
--------------Exploit----------------------  
Example of SQL Injections:  
http://host/adnforum/index.php?fid=3333'%20union%20select%201111/*  
http://host/adnforum/verpag.php?pagid=999'%20union%20select%201,2,3/*  
  
Example of XSS:  
URL: http://host/adnforum/crear.php?que=topico&fid=6  
Topic name: <XSS>  
  
--------------Solution---------------------  
No Patch available.  
  
--------------Credit-----------------------  
Original Advisory:  
http://evuln.com/vulns/15/summary.html  
  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
  
`