AOH :: HP Unsorted E :: TB13524.HTM

E-vanced Solutions Multiple Vulnerabilites



E-vanced Solutions Multiple Vulnerabilites
E-vanced Solutions Multiple Vulnerabilites



E-vanced Solutions Multiple Vulnerabilites
http://www.e-vancedsolutions.com

First off, script code can be injected into all fields when you register for some event. This presents a possibility for cookie theft from logged in users.

Next off, theres there exists an SQL injection point from the eventsignup variable

eventsignup.asp?ID=4197  UNION ALL SELECT username, etc FROM users--

Now theres the Evanced Summer reader Suite.
summer re=95ader

viewreviews.asp?ProgramID=35 union all select lol FROM lol--&CurrPage=2

XSS also works in the user registration page for the name, and all other info, and a nice XSS exists under user reviews for every field in patronlogadd.asp

The fun doesnt stop there. Next we have Room Rese=95rve

XSS works in the room reservation area.

Vendor Notified. No patch yet.
Happy hacking!

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.