Multiple SQL Injection and XSS in Wordcircle

Summary

Vulnerability
Multiple SQL Injection and XSS in Wordcircle
Discovered
2006.01.12
Last Update
0 n/a
ID
EV0028
CVE
CVE-2006-0204 CVE-2006-0205
Risk Level
medium
Type
Multiple Vulnerabilities
Status
Unpatched
Vendor
n/a
Vulnerable Software
Wordcircle (http://www.wordcircle.org/)
Version
2.17
PoC/Exploit
Available
Solution
Not available
Discovered by
Aliaksandr Hartsuyeu (eVuln.com)

Description

Multiple Vulnerabilities found in Wordcircle (http://www.wordcircle.org/) script.

Most of user defined data isn't properly sanitized. This can be used to make any SQL query by injecting arbitrary SQL code or insert any javascript code.

PoC/Exploit

Cross-Site Scripting Example.

Page:
http://host/index.php?frm=mine

(need to be logged in)

Course name: <XSS>

Solution.

Solution for "Multiple SQL Injection and XSS in Wordcircle" is not available. Check vendor's website for updates.