Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

greensql-xss.txt

🗓️ 25 Sep 2007 00:00:00Reported by laurent gaffieType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 27 Views

GreenSQL database firewall has a permanent xss vulnerability, allowing injection of malicious scripts in the admin panel

Code
`Site: http://greensql.net/  
live-demo: http://demo.greensql.net/  
Platform: alls  
Bug: permanent xss  
Special condition: none  
Impact : semi-critical  
-------------------------------------------------------  
  
1) Introduction  
2) Bug  
3) Proof of concept  
4) Credits  
===========  
1) Introduction  
===========  
GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works in a proxy mode and has built in support for MySQL. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc).  
======  
2) Bug  
======  
  
permanent xss  
  
=====  
3)Proof of concept  
=====  
well the proof of concept can be anywhere , like a login form, an url value everythings is loggued in the green-sql  
admin panel. the problem is because there's no filter , so the script logs your query in the database   
and then it's printed in the alert section . this can be pretty nastie ... you "protect" your script agains sql injection with a firewall , but you have a permanent xss in the panel . and actually only the admin see the logs .  
so you know that the cookie is the good one !  
  
an exemple can be given in the demo website :  
http://www.greensql.net/sql-injection-test fill login or password with <script>alert(document.cookie)</script>  
then go in the admin panel :http://demo.greensql.net/ xss will be executed .  
  
  
  
=====  
5)Credits  
=====  
  
Laurent gaffie  
contact : [email protected]  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
25 Sep 2007 00:00Current
7.4High risk
Vulners AI Score7.4
greensqldatabase firewallpermanent xssinjection attacksadmin panelsql commands
27