E-vanced Solutions Multiple Vulnerabilites

From: Joseph.giron13@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: E-vanced Solutions Multiple Vulnerabilites
Date:


E-vanced Solutions Multiple Vulnerabilites
http://www.e-vancedsolutions.com

First off, script code can be injected into all fields when you register for some event. This presents a possibility for cookie theft from logged in users. 

Next off, theres there exists an SQL injection point from the eventsignup variable

eventsignup.asp?ID=4197  UNION ALL SELECT username, etc FROM users--

Now theres the Evanced Summer reader Suite.
summer re\u2022ader

viewreviews.asp?ProgramID=35 union all select lol FROM lol--&CurrPage=2

XSS also works in the user registration page for the name, and all other info, and a nice XSS exists under user reviews for every field in patronlogadd.asp 

The fun doesnt stop there. Next we have Room Rese\u2022rve

XSS works in the room reservation area.

Vendor Notified. No patch yet. 
Happy hacking!





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.