CVE-2010-5027
medium
CVSS v3
—
CVSS v4 NEW
—
VIR risk
5.3
Description
Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: some of these details are obtained from third party information.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.
✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Science Fair In A Box - SQL Injection / Cross-Site Scripting
Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title: Science Fair In A Box SQLi & XSS Vulnerability
Version:2.0.6
Price:Free
Vendor url:http://www.sfiab.ca/
Published: 2010-06-09
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer,d3c0d3r and to all
ICW members
###############################################################################################################################################################################################
Science Fair In A Box SQLi & XSS Vulnerability
Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
#####################################################################################################################################################################################################
Description:
The "Science Fair in a Box" (SFIAB) project provides regions hosting a
science fair with a complete and comprehensive package that can be used to
assist in the implementation and running of the fair.
The SFIAB provides a web based application to facilitate all areas of
running a science fair such as online registration for the participants,
judges, sponsor management, judge scheduling and awards management.
The SFIAB is implemented using open-source tools wherever possible, creating
a truly open and customizable product that fairs can modify to suit their
needs.
However, SFIAB contain enough configuration options to allow fairs to use
the system without any modifications to the underlying codebase. SFIAB is
developed using PHP, with MySQL as the backend database.
Other database backends could be supported in the future. All reports are
created in print-ready PDF format to ensure cross-platform compatibility
where applicable and also available to export as a CSV to external
applications.
All text in SFIAB is internationalized to allow the use of the system in any
language. 'Language Packs' will be available in other language once
translations are complete. (If you'd like to assist in translation, contact
us!)
SFIAB is the most advanced, most comprehensive Science Fair Software in the
world, and is used by many science fairs spread across many different
countries!
#######################################################################################################################################################################################################
Vulnerability:
*SQLi Vulnerability
DEMO URL :http://server/sfiab/winners.php?year=2008&type=Special'
*XSS Vulnerability
Parameter:'"-->
DEMO URL :http://server/sfiab/winners.php?year=2008&type=Special [xss]
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# 0day n0 m0re #
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
##########################################################################################################################################################################################
--
With R3gards,
L0rd CrusAd3rApplication impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| sfiab | science_fair_in_a_box | 2.0.6 | |
| sfiab | science_fair_in_a_box | 2.2.0 | |
References
- http://packetstormsecurity.org/1006-exploits/fairinabox-sqlxss.txt
- http://secunia.com/advisories/40170
- http://securityreason.com/securityalert/8516
- http://www.exploit-db.com/exploits/13801
- http://www.osvdb.org/65419
- http://www.securityfocus.com/bid/40743
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59283
- http://packetstormsecurity.org/1006-exploits/fairinabox-sqlxss.txt
- http://secunia.com/advisories/40170
- http://securityreason.com/securityalert/8516
- http://www.exploit-db.com/exploits/13801
- http://www.osvdb.org/65419
- http://www.securityfocus.com/bid/40743
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59283
CWEs
CWE-79
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.