EV0028.txt

2006-01-15T00:00:00
ID PACKETSTORM:43076
Type packetstorm
Reporter Aliaksandr Hartsuyeu
Modified 2006-01-15T00:00:00

Description

                                        
                                            `New eVuln Advisory:  
Wordcircle Multiple SQL Injection & XSS Vulnerabilities  
  
--------------------Summary----------------  
  
Software: Wordcircle  
Sowtware's Web Site: http://www.wordcircle.org/  
Versions: 2.17  
Critical Level: Moderate  
Type: Multiple Vulnerabilities  
Class: Remote  
Status: Unpatched  
Exploit: Available  
Solution: Not Available  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
eVuln ID: EV0028  
  
-----------------Description---------------  
Most of user defined data isn't properly sanitized. This can be used to make any SQL query by injecting arbitrary SQL code or insert any javascript code.  
  
--------------Exploit----------------------  
Cross-Site Scriptong Example.  
  
Page:  
http://host/index.php?frm=mine  
(need to be logged in)  
  
Course name: <XSS>  
  
--------------Solution---------------------  
No Patch available.  
  
--------------Credit-----------------------  
Original Advisory:  
http://evuln.com/vulns/28/summary.html  
  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
`