lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050624114032.13019.qmail@securityfocus.com>
Date: 24 Jun 2005 11:40:32 -0000
From: Dedi@...urityfocus.com,
	Dwianto@...urityfocus.com (the_day@...o.or.id)
To: bugtraq@...urityfocus.com
Subject: [ECHO_ADV_21$2005] MUltiple Vulnarable In ActiveBuyAndSell


---------------------------------------------------------------------------
[ECHO_ADV_21$2005] MUltiple Vulnarable In ActiveBuyAndSell
---------------------------------------------------------------------------

Author: Dedi Dwianto
Date: June, 24th 2005
Location: Indonesia, Jakarta
Web: http://echo.or.id/adv/adv21-theday-2005.txt

---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : ActiveBuyAndSell
version	: 6.2
URL  : http://ActiveWebSoftwares.com
Author : ActiveWebSoftwares
Description :

ActiveBuyAndSell is a Web-based application that connects people selling products 
and services with people looking to buy products and services. Uses MS SQL or 
Access database. Full ASp source code included.
	
---------------------------------------------------------------------------

Vulnerabilities:
~~~~~~~~~~~~~~~~

A. SQL Injection:
   
   * http://victim/ebuyandsell/default.asp?catid=[SQL inject]

   * http://victim/ebuyandsell/buyersend.asp?catid=[SQL inject]

   * http://victim/ebuyandsell/admin.asp
     In this pages vulnarable sql injection in form input
	
	POC : 
		Administrator ID :[SQL Inject]
		Password	 :blank

	
   * http://victim/ebuyandsell/advertiserstart.asp

	POC :
		E-mail Address	:[SQL inject]
		Password	:blank

   * http://victim/ebuyandsell/buyer.asp

	POC :
		E-mail		:[SQL inject]
		Password	:blank

   * http://victim/ebuyandsell/search.asp

	POC :
		Keyword		:[SQL inject]


B. Xss
  
   * http://victim/ebuyandsell/sendpassword.asp?Table=Buyer&Title=[XSS]&EmailFld=BEmail

	POC :

	http://victim/ebuyandsell/sendpassword.asp?Table=Buyer&Title=<script>alert('test')</script>&EmailFld=BEmail

  * http://victim/ebuyandsell/search.asp

	POC :
		Keyword		: <script>alert('dudul')</script>

   
C. Fix

   Vendor allready contacted but still no response and i can't fix it because
   i can't view source code :lol

---------------------------------------------------------------------------

Shoutz:
~~~~~~~

~ y3dips, moby, comex, z3r0byt3, K-159, c-a-s-e, S`to, lirva32, anonymous
~ Lieur Euy , MSR
~ newbie_hacker@...oogroups.com ,
~ #e-c-h-o@...NET

---------------------------------------------------------------------------
Contact:
~~~~~~~~

     the_day || echo|staff || the_day[at]echo[dot]or[dot]id
     Homepage: http://theday.echo.or.id/

-------------------------------- [ EOF ] ----------------------------------


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ