exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

SiteEnableXSSnSQL.txt

SiteEnableXSSnSQL.txt
Posted Apr 14, 2005
Authored by Zinho | Site hackerscenter.com

SiteEnable CMS is susceptible to multiple SQL injection and cross site scripting attacks.

tags | exploit, xss, sql injection
SHA-256 | 854e5c896fd68bddcf5f29d287379edb263ddc84cc92751a8c0e87128c991f65

SiteEnableXSSnSQL.txt

Change Mirror Download
--Alt-Boundary-29920.9701600
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body

Hackers Center Security Group (https://www.hackerscenter.com/)
Zinho's Security Advisory


Title: SiteEnable CMS Multiple Severe XSS and Sql injections
Risk: High
Date: 1/04/2005
Vendor: https://www.siteenable.com/default.asp
Quote from the Vendor: "SiteEnable starts at only $189.00"


I could test siteenable from their online demo: demo.siteenable.com
and after some minute I realized I was on another buggy cms.

---+ XSS:
https://demo.siteenable.com/content.asp?contenttype=%3Cscript%3Ealert(document.coo
kie)%3C/script%3E

Another more severe script injection is in the Submit a Quote page in which neither title
or description fields are sanitized. This can affect all the visitors of the site.
Anyone can inject a silent script and grab anyone's password or cookie.

----+ SQL Injection:
https://demo.siteenable.com/content.asp?do_search=0&keywords=contact&page_no=2&
sortby=;SELECT%20* FROM bla bla--

The sortby parameter is directly passed to the sql string without any check. This is sentor
of mental illness...


Once again I've not thoroughly tested SiteEnable for a time matter and because they do
not provide source code (it is sold at 189$). Probably other vulns can be found.


Author:
Zinho is webmaster and founder of https://www.hackerscenter.com , Security research
portal
Secure Web Hosting Companies Reviewed:
https://www.securityforge.com/web-hosting/secure-web-hosting.asp

zinho-no-spam @ hackerscenter.com


====>
Webmaster of
.:[ Hackers Center : Internet Security Portal]:.
https://www.hackerscenter.com
https://www.securityforge.com/web-hosting



--Alt-Boundary-29920.9701600
Content-type: text/html; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body

<?xml version="1.0" ?><html>
<head>
<title></title>
</head>
<body>
<div align="left"><font face="Arial"><span style="font-size:10pt">Hackers Center Security Group (</span></font><font face="Arial" color="#0000ff"><span style="font-size:10pt"><u>https://www.hackerscenter.com/</u>)</span></font><font
face="Arial"><span style="font-size:10pt">    </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Zinho's Security Advisory     </span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Title: SiteEnable CMS Multiple Severe XSS and Sql injections</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Risk: High  </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Date: 1/04/2005    </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Vendor: https://www.siteenable.com/default.asp</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Quote from the Vendor: "SiteEnable starts at only $189.00"</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">I could test siteenable from their online demo: demo.siteenable.com</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">and after some minute I realized I was on another buggy cms.</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">---+ XSS:</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">https://demo.siteenable.com/content.asp?contenttype=%3Cscript%3Ealert(document.cookie)%3C/script%3E</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Another more severe script injection is in the Submit a Quote page in which neither title
or description fields are sanitized. This can affect all the visitors of the site.</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Anyone can inject a silent script and grab anyone's password or cookie.</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">----+ SQL Injection:</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">https://demo.siteenable.com/content.asp?do_search=0&keywords=contact&page_no=2&sortby=;SELECT%20*
FROM bla bla--</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">The sortby parameter is directly passed to the sql string without any check. This is sentor
of mental illness...</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Once again I've not thoroughly tested SiteEnable for a time matter and because they do
not provide source code (it is sold at 189$). Probably other vulns can be found.</span></font></div>
<div align="left"><br/>
</div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Author:     </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Zinho is webmaster and founder of </span></font><font face="Arial" color="#008000"><span style="font-size:10pt"><u>https://www.hackerscenter.com</u></span></font><font
face="Arial"><span style="font-size:10pt"> ,   Security research
portal   </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Secure Web Hosting Companies Reviewed:  </span></font></div>
<div align="left"><font face="Arial" color="#008000"><span style="font-size:10pt"><u>https://www.securityforge.com/web-hosting/secure-web-hosting.asp</u></span></font><font face="Arial"><span
style="font-size:10pt">  </span></font></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">zinho-no-spam @ hackerscenter.com    </span></font></div>
<div align="left"><br/></div>
<div align="left"><br/>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">====></span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Webmaster of</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">.:[ Hackers Center : Internet Security Portal]:.</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">https://www.hackerscenter.com</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">https://www.securityforge.com/web-hosting</span></font></div>
<div align="left"><br/>
</div>
<div align="left"></div>
</body>
</html>

--Alt-Boundary-29920.9701600--
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close