ExploitsAplicacionMicrosoftInternet_Explorer

MS Internet Explorer WebViewFolderIcon setSlice() Exploit (html)

Vi, 29/09/2006 - 09:20 — OeX
::OlateDownload 3.4.0 Multiple Vulnerabilities ::
------------------------------------------------
Software : OlateDownload
Website  : www.olate.co.uk
Bug Discover : Hessam-x / www.hessamx.net


I. Cross Site Scripting Vulnerability
-------------------------------------------------
Parameter "description_small" are not properly sanitized in "userupload.php".
This can be used to post arbitrary HTML or web script code.


II. Multiple SQL Injection Vulnerabilities
-------------------------------------------------
Parameter "page" in "detailes.php" and "query" in "search.php"
is not properly sanitized before being used in SQL query.
This can be used make any SQL query by injecting arbitrary SQL code.
Attacker can be execute this url :
/details.php?page=%BF%27%22%28&file=1
/search.php?query=%BF%27%22%28

================================================
Hessam Salehi .Hessamx[@]Hessamx.net
================================================
  • 474 lecturas

Comentarios

Enviar un comentario nuevo

  • Saltos automáticos de líneas y de párrafos.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <p> <br>
  • You may post code using <code>...</code> (generic) or <?php ... ?> (highlighted PHP) tags.

Más información sobre opciones de formato

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.