{“lastseen”:”2026-01-29T16:36:01″,”description”:”This document articulates an overview of remote SQL injection, command injection, and cross site scripting vulnerabilities found in the Alicorn version from 2004…”,”published”:”2026-01-29T00:00:00″,”modified”:”2026-01-29T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Alicorn Circa 2004 SQL Injection \/ Command Injection \/ XSS”,”source”:””,”references”:””,”id”:”PACKETSTORM:214540″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”=============================================================================================================================================\\n | # Title : Alicorn Front-End to Unicornscan in Data Correlation Module SQL Injection and Command Injection Vulnerabilities |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 147.0.1 (64 bits) |\\n | # Vendor : https:\/\/www.unicornscan.org\/ |\\n =============================================================================================================================================\\n \\n [+] References : https:\/\/packetstorm.news\/files\/id\/34550\/ \\n \\n [+] Summary : This analysis examines a PHP script from the Unicornscan network reconnaissance tool (circa 2004) that contains severe security vulnerabilities. \\n The code is intended for querying and correlating scan data but is fundamentally insecure due to improper input handling.\\n \\t\\t\\t\\t \\n 1. SQL Injection (Critical)\\n \\n Location: db2response() function calls with raw user input\\n \\n Impact: Full database compromise, data exfiltration, unauthorized access\\n \\n Root Cause: Direct usage of $_POST\/$_GET arrays without sanitization\\n \\n 2. Potential Command Injection\\n \\n Location: banner and os parameters\\n \\n Impact: Remote code execution on server\\n \\n Root Cause: Lack of input validation on regex pattern fields\\n \\n 3. Cross-Site Scripting (XSS)\\n \\n Location: urldecode() calls without output encoding\\n \\n Impact: Client-side script execution, session hijacking\\n \\n 4. Insecure Direct Object References\\n \\n Location: Direct database queries with user-controlled parameters\\n \\n Impact: Unauthorized data access\\n \\n [+] Attack Vectors :\\n \\n SQL Injection Examples:\\n \\n POST \/scan_data\/data_select.php\\n host_addr=’ UNION SELECT 1,2,3,4,5,6,7,8,@@version,10–\\n \\n [+] Data Exfiltration:\\n \\n GET \/scan_data\/data_select.php?host_addr=1′ OR 1=1\\u0026mask=1\\n \\n [+] Risk Assessment :\\n \\n Vulnerability\\t Severity\\t Exploit Complexity\\t Impact\\n SQL Injection\\t Critical\\t Low\\t Complete system compromise\\n Command Injection\\tHigh\\t Medium\\t Server takeover\\n XSS \\tMedium\\t Low\\t Client-side attacks\\n \\n [+] Root Causes :\\n \\n No Input Validation: Complete trust in user-supplied data\\n \\n No Parameterized Queries: Direct string concatenation in SQL\\n \\n No Output Encoding: Raw data displayed to users\\n \\n Age of Code: Written before modern security practices (2004)\\n \\n [+] Immediate Actions:\\n \\n Remove from production environments\\n \\n Implement parameterized queries\\n \\n Apply strict input validation\\n \\n Add output encoding\\n \\n [+] Long-term Solutions:\\n \\n Complete code rewrite using modern frameworks\\n \\n Implement proper authentication\/authorization\\n \\n Regular security audits\\n \\n Dependency updates\\n \\n [+] Conclusion :\\n \\n This legacy code represents a critical security risk and should be immediately isolated from any production systems. \\n The vulnerabilities are trivial to exploit and could lead to complete system compromise. Modern security practices must replace these antiquated coding patterns.\\n \\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/214540″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/214540\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-01-29T16:36:01″,”description”:”This document articulates an overview of remote SQL injection, command injection, and cross site scripting vulnerabilities found in the Alicorn version from 2004…”,”published”:”2026-01-29T00:00:00″,”modified”:”2026-01-29T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Alicorn Circa…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-38152","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n