static XSS / SQL-Injection in Omegasoft Insel

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: static XSS / SQL-Injection in Omegasoft Insel
From: "MC Iglo" <mc.iglo@xxxxxxxxxxxxxx>
Date: Fri, 1 Jun 2007 13:45:32 +0200
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=googlemail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=jIzVgUNumOnefr5NHJUMY973/V2FkKw785NANh2QNtlHgv38afBC0byx8nP8wnBrfAqqw2raALxZmFKvIW5HJFXitiYUIX+Rpdf2QFn7h95iSJFerGHcVLm3uEqc9uAL1A7BCB4RtwtWwMG6ZyV4VtSrORQ3WLpSA8/Y/e0jMFg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=ibbzbHosxIDq1+gCyTxB6zYuF8KpjYd4zB7BkLaTnW84vl2vg/pTvbKj7G1KJC9Ag5l3rnNT84pU83RiCIwP1W0tkAw3ggDx0mBkZHUuM01uENY8AkqjYEyuSDKjkOAQOEo6sgwMRze/bQ/1LI1SDwrdupkO0LEYGX7lmrcyaFQ=
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Input passed to fields in OmegaMw7's tables isn't properly sanitized
before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in context
of an affected site and/or inject SQL-Commands

This applies to many many standard fields in different tables
e.g. F05003, F05005, F05015
and to all user-created text fields using the form creator (you cannot
do it a different way)

kind regards
MC.Iglo

Prev by Date: PBSite - PHP Bulletin Site | CMS ====> RFI
Next by Date: Prototype of an PHP application ===> RFI
Previous by thread: PBSite - PHP Bulletin Site | CMS ====> RFI
Next by thread: Prototype of an PHP application ===> RFI
Index(es):
- Date
- Thread