Rapid Classified v3.1 [multiple xss (get) & injection sql]

2007.01.15

Credit: laurent gaffi & benjamin moss

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2006-6930 | CVE-2006-6929

CWE: N/A

vendor site: http://www.4u2ges.com/
product : Rapid Classified v3.1 
bug: multiple xss (get) & injection sql
risk : medium

injection sql :
/viewad.asp?id='[sql]

xss :
/reply.asp?id=[xss]
/view_print.asp?id=[xss]
/search.asp?categoryName=1&SH1=[xss]
/reply.asp?id=50120815480100001&name=[xss]
/advsearch.asp?zipr=1&D1=0&D4=1&zipOpt=20&dosearch=[xss]

laurent gaffi & benjamin moss
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Rapid Classified v3.1 [multiple xss (get) & injection sql]

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.