Lucene search
K

THQ.com SQL Injection

🗓️ 18 Jun 2010 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 27 Views

THQ.com SQL Injection and XSS Attack via Registration For

Code
`This is pretty much because I want to embarrass these assholes. See: http://gamepolitics.com/2010/06/14/exec-thq-anti-used-game-initiative-could-make-everyone-happy  
  
SQLi 1: http://www.thq.com/us/mythq/register?contentType=GAMEALERT&alertGame='4896  
  
This one is pretty obvious. It's an injection via $_GET. The funniest part is that they don't just allow injection. They serve up the whole PHP source of the page for you. Giving you table names, and the actual syntax of the query being used.  
  
SQLi 2:  
The next one is an injection via POST in their registration form here: http://www.thq.com/us/mythq/register  
  
I used burpsuite to inject it by editing the HTTP requests but you can probably just enter whatever you want right in the form. I used the UK subdomain for testing: http://uk.thq.com/uk/mythq/register. This one also shows the source.  
  
Next one is your typical reflected XSS:  
  
http://www.thq.com/us/search/index?keyw=%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E  
  
I hope this is enough to put off anyone who was thinking of buying shit from them.  
Would you trust this company with your credit card information when they can't even properly sanitize a registration form?  
These probably aren't even the only security bugs on their site. This is just after 10 minutes of pentesting. Do yourself a favor and stay far far away from this company. They have no clue about security and obviously don't give a shit about their customers.  
  
BOYCOTT THQ  
  
  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

18 Jun 2010 00:00Current
0.1Low risk
Vulners AI Score0.1
27