AOH :: HP Unsorted I :: C07-1397.HTM

Inetmedia's information service - cityinfo. Multiple XSS



Multiple XSS vulnerabiliteies in Inetmedia's information service - cityinfo.
Multiple XSS vulnerabiliteies in Inetmedia's information service - cityinfo.



Description:
===========Multiple XSS and SQL injection vulnerabilities were found in Inetmedia's web services cityinfo.pl and cityaz.de, which my be exploited by attackers to gain  confidential information and/or modify datebase.

These  flaws  are  due  to  PHP programming mistakes in:
"http://users.[CITY_NAME].cityinfo.pl/"; 
"http://users.[CITY_NAME].cityaz.de/"; 
"http://[CITY_NAME].cityinfo.pl/firma.php"; 
"http://[CITY_NAME].cityinfo.pl/page_tpl.php"; 
"http://[CITY_NAME].cityaz.de/firma.php"; 
"http://[CITY_NAME].cityaz.de/page_tpl.php"; 
  "https://users.[CITY_NAME].pl/";
  "https://users.[CITY_NAME].de/";
  "https://[CITY_NAME].cityinfo.pl/";
  "https://[CITY_NAME].cityaz.de/".

CITY_NAME - name of the city in Poland or Germany.

Probably there are more flaws, which were not discovered during research.

Examples:
========http://users.krakinfo.pl/index.php?msg= 
http://www.krakinfo.pl/firma.php?id=-1%20union%20select%20*%20from%20uzytkownicy 

References:
==========www.cityinfo.pl 
stats.inetmedia.pl/cityinfo.php
www.cityaz.de 
stats.inetmedia.pl/cityaz.php
www.inetmedia.pl 

Credits:
=======Vulnerabilities were found by:
  Łukasz Juszczyk a.k.a kahir,
  Filip Palian a.k.a s_n.

Feedback:
========


Additional information:
======================Vulnerability reported to Inetmedia on 25-06-06 at 14:30.

Acknowledgment:
==============[DFT]

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.