inetmedia.txt

`Description:  
============  
Multiple XSS and SQL injection vulnerabilities were found in Inetmedia's web services cityinfo.pl and cityaz.de, which my be exploited by attackers to gain confidential information and/or modify datebase.  
  
These flaws are due to PHP programming mistakes in:  
"http://users.[CITY_NAME].cityinfo.pl/";  
"http://users.[CITY_NAME].cityaz.de/";  
"http://[CITY_NAME].cityinfo.pl/firma.php";  
"http://[CITY_NAME].cityinfo.pl/page_tpl.php";  
"http://[CITY_NAME].cityaz.de/firma.php";  
"http://[CITY_NAME].cityaz.de/page_tpl.php";  
"https://users.[CITY_NAME].pl/";  
"https://users.[CITY_NAME].de/";  
"https://[CITY_NAME].cityinfo.pl/";  
"https://[CITY_NAME].cityaz.de/".  
  
CITY_NAME - name of the city in Poland or Germany.  
  
Probably there are more flaws, which were not discovered during research.  
  
Examples:  
=========  
http://users.krakinfo.pl/index.php?msg=<script>alert(document.cookie);</script>  
http://www.krakinfo.pl/firma.php?id=-1%20union%20select%20*%20from%20uzytkownicy  
  
References:  
===========  
www.cityinfo.pl  
stats.inetmedia.pl/cityinfo.php  
www.cityaz.de  
stats.inetmedia.pl/cityaz.php  
www.inetmedia.pl  
  
Credits:  
========  
Vulnerabilities were found by:  
Łukasz Juszczyk a.k.a kahir,  
Filip Palian a.k.a s_n.  
  
Feedback:  
=========  
<lukasz.juszczyk at pjwstk.edu.pl>  
<filip.palian at pjwstk.edu.pl>  
  
Additional information:  
=======================  
Vulnerability reported to Inetmedia on 25-06-06 at 14:30.  
  
Acknowledgment:  
===============  
[DFT]  
`