SQL Buddy 1.3.3 (GET/POST) Multiple Remote Cross-Site Scripting Vulnerabilities
Title: SQL Buddy 1.3.3 (GET/POST) Multiple Remote Cross-Site Scripting Vulnerabilities
Advisory ID: ZSL-2012-5074
Type: Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 17.02.2012
Apache 2.2.21
PHP 5.3.9
MySQL 5.5.20
[2] http://www.osvdb.org/show/osvdb/79343
[3] http://www.osvdb.org/show/osvdb/79344
[4] http://www.securityfocus.com/bid/52066
[5] http://packetstormsecurity.org/files/109923/SQL-Buddy-1.3.3-Cross-Site-Scripting.html
[6] http://cxsecurity.com/issue/WLB-2012020151
[7] http://xforce.iss.net/xforce/xfdb/73298
[18.02.2012] - Added reference [5] and [6]
[21.02.2012] - Added reference [7]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2012-5074
Type: Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 17.02.2012
Summary
SQL Buddy is an open source web based MySQL administration application.Description
SQL Buddy suffers from a XSS vulnerability when parsing user input to the 'DATABASE', 'HOST' and 'USER' parameters via POST method in 'login.php', and the 'db' parameter in 'dboverview.php' via GET method. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.Vendor
Calvin Lough - http://www.sqlbuddy.comAffected Version
1.3.3Tested On
Microsoft Windows XP Professional SP3 (EN)Apache 2.2.21
PHP 5.3.9
MySQL 5.5.20
Vendor Status
[1] http://secunia.com/advisories/48013/PoC
sqlbuddy_xss.htmlCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] http://secunia.com/advisories/48013/[2] http://www.osvdb.org/show/osvdb/79343
[3] http://www.osvdb.org/show/osvdb/79344
[4] http://www.securityfocus.com/bid/52066
[5] http://packetstormsecurity.org/files/109923/SQL-Buddy-1.3.3-Cross-Site-Scripting.html
[6] http://cxsecurity.com/issue/WLB-2012020151
[7] http://xforce.iss.net/xforce/xfdb/73298
Changelog
[17.02.2012] - Initial release[18.02.2012] - Added reference [5] and [6]
[21.02.2012] - Added reference [7]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk