[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

JiRos Links Manager[injection sql & xss permanent]

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: JiRos Links Manager[injection sql & xss permanent]
From: saps.audit@xxxxxxxxx
Date: 21 Nov 2006 20:12:50 -0000

vendor site:http://www.jiros.net/
product:JiRos Links Manager
bug: injection sql & xss
risk : medium 


injection sql:
/openlink.asp?LinkID='[sql]
/viewlinks.asp?CategoryID='[sql]


xss permanent (post):
in: /submitlink.asp
-Link Name:
-Link URL:
-Link Image:
-Link Description:

those xss are really dangerous , because an admin need to approuve the link 
so he gone get his cookie stealed direcly when he log into the administration 
panel

laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@xxxxxxxxx

Prev by Date: creadirectory [injection sql & xss]
Next by Date: Advisory: LDU <= 8.x Remote SQL Injection Vulnerability.
Previous by thread: creadirectory [injection sql & xss]
Next by thread: Advisory: LDU <= 8.x Remote SQL Injection Vulnerability.
Index(es):
- Date
- Thread