Exploit GuestBookPlus - HTML Injection / Bypass Comments Limit

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
14839
Проверка EDB
  1. Пройдено
Автор
MIND C0RE
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2010-08-29
Код:
=======================================================================
#                         In the name of ALLAH !                      #
=======================================================================
# GuestBookPlus Script PHP (HTML Injection) Vuln.
=======================================================================
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#################################
#      _____ __    __  /_  __/  #
#     / ___/ \ \  / /   / /     #
#    (__  )   \ \/ /   / /      #
#   /____/     \__/   /_/       #
#################################
########################################################################
# Name: GuestBookPlus Script PHP (HTML Injection) 
# Vendor: http://websitekit.us/GBP_demo.html
# Date: 2010-08-15
# Author: MiND
# Greets: Sa-ViRuS.CoM , RENO , Dr.php , ! BaD BoY ! , Gov.HaCker , Anti-Secure , Dr.$audi all Sa-ViRuS.CoM Members ..
# Contact: [email protected]
# Home: WwW.Sa-ViRuS.CoM
########################################################################

[~]Note : Its not free ,, Its by 28 $
[~]You Can Buy It From : http://websitekit.us/guest_book_plus.html



[~] HTML Injection Vuln . : Add a new comment using sign button
Put on the name & body of your comment any html code like: 
<meta http-equiv="refresh" content="0;url=http://sa-virus.com/" />               <==== ( thats redirecting to sa-virus.com ) 

[~] Another note : You can bypass the limit of comments per day in this guestbook script 
By deleting the saved cookie in your computer ;)
 
Источник
www.exploit-db.com

Похожие темы