Wednesday, November 30, 2005

ADVISORY


Product:- GoFox free Travel tool SQL Injection Vulnerability

CRITICAL:
Moderately critical

IMPACT:
Manipulation of data

WHERE:
From remote

SOFTWARE:
Gofox free travel tool


DESCRIPTION:
The vulnerability can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "pid" parameter in "traveltools.php" isn't properly
sanitised before being used in a SQL query. This can be exploited to
manipulate SQL queries by injecting arbitrary SQL code.


SOLUTION:
Awaiting response from the vendor

Original Advisory: Here at http://axcesdenied.blogspot.com

Credit: $um$id
Aka
Access Denied

Tuesday, November 29, 2005

ADVISORY


TITLE:
Send Card, Mapple Addressbook SQL Injection Vulnerabilities

CRITICAL:
Moderately critical

IMPACT:
Manipulation of data

WHERE:
From remote

SOFTWARE:
Send Card, Address Book by Mapple

DESCRIPTION:
User input is not properly filtered in the validation script. The validation can therefore easily be bypassed and, to make matters worse, any query can be run on the MySQL server, retrieving a lot of crucial data.

Solution:
--------------------
There is no vendor-supplied patch for this issue at
this time.

Original Advisory: Here at http://axcesdenied.blogspot.com

Credit: $um$id
Aka
Access Denied
----------------------------------------------------------------------

ADVISORY


Vendor: Perl-Cal
Products Affected: Perl-Cal 2.99 and earlier
Type: Cross Site Scripting
Severity: Medium
Date released: 23rd Nov 2005
Vulnerability Type: Input Validation Error
Overview:- PerlCal is a CGI script written by Acme Software that allows web-based calendar sharing and related functions. There exists a cross-site scripting vulnerability because the input in one of the parameters is not filtered correctly.

Description:- The cross-site scripting bug can be executed with a URL like so:

http://localhost/cgi-bin/perlcal/cal_make.pl?p0=%3Cscript%3Ealert('hi');%3C/script%3E

This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected Web site.

Demonstration:- http://localhost/cgi-bin/perlcal/cal_make.pl?p0=%3Cscript%3Ewindow.open('http://www.google.com');%3Cscript%3E

This can also be used to steal a user's cookie.
Demonstration:- http://localhost/cgi-bin/perlcal/cal_make.pl?p0=%3Cscript%3Ealert(document.cookie);%3C/script%3E

Solution:
--------------------
There is no vendor-supplied patch for this issue at
this time.

Original Advisory: Here at http://axcesdenied.blogspot.com

Credit: $um$id
Aka
Access Denied
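
With no vendor fix listed for the parameters named in the advisories above ("pid" in "traveltools.php", "p0" in "cal_make.pl"), one interim measure is to review web server logs for requests that target them. The following is an added example, not part of the original advisories or of either product; the log lines are constructed, and the rules assume that "pid" should be a plain integer and that "p0" never legitimately carries markup characters.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines (common log format); not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [30/Nov/2005:10:00:01 +0000] "GET /traveltools.php?pid=42 HTTP/1.1" 200 5120
192.0.2.11 - - [30/Nov/2005:10:00:07 +0000] "GET /traveltools.php?pid=42%27 HTTP/1.1" 200 9830
192.0.2.12 - - [30/Nov/2005:10:01:15 +0000] "GET /cgi-bin/perlcal/cal_make.pl?p0=2005 HTTP/1.1" 200 2048
192.0.2.13 - - [30/Nov/2005:10:02:30 +0000] "GET /cgi-bin/perlcal/cal_make.pl?p0=%3Cscript%3Ealert(document.cookie);%3C/script%3E HTTP/1.1" 200 2101
192.0.2.14 - - [30/Nov/2005:10:03:02 +0000] "GET /cgi-bin/perlcal/cal_make.pl?p0=%253Cscript%253E HTTP/1.1" 200 2090
"""

# (script file name, parameter) -> check on the decoded value; True means "flag it".
# Assumptions: "pid" is a plain integer; "p0" never needs markup or quote characters.
RULES = {
    ("traveltools.php", "pid"): lambda v: not re.fullmatch(r"\d{1,10}", v),
    ("cal_make.pl", "p0"): lambda v: bool(re.search(r"[<>\"']", v)),
}
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so %253C is treated like %3C."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(log_text):
    """Return (client, script, parameter, decoded value) for each rule hit."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue  # not a request line in the expected format
        client, target = m.groups()
        url = urlsplit(target)
        script = url.path.rsplit("/", 1)[-1]
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            check = RULES.get((script, name))
            decoded = fully_decode(value)
            if check and check(decoded):
                hits.append((client, script, name, decoded))
    return hits
```

Calling `suspicious_requests(SAMPLE_LOG)` flags the second, fourth and fifth sample lines. The rules are allowlist-style, so they flag any value outside the expected shape rather than matching specific payloads.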