NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2006-05

phpBB "charts.php" XSS and SQL-Injection

sn4k3.23gmail.com
Date: Thu May 11 2006 - 16:06:03 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

// phpBB "charts.php" (hack) XSS and SQL-Injection //

-----------------------------------------------------------------

[~] Advisory by: LoK-Crew

[-] Exploit:
http://www.example.com/charts.php?action=vote&rate=1&id=[XSS]
http://www.example.com/charts.php?action=vote&rate=1&id=[SQL]

[-] Googledork: inurl:"charts.php" "powered by phpbb"

[+] Visit: www.LoK-Crew.de

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]