envo.txt

2005-12-14T00:00:00
ID PACKETSTORM:42242
Type packetstorm
Reporter X1ngBox
Modified 2005-12-14T00:00:00

Description

                                        
                                            `[Description]: eNvolution is a fork of PostNuke. The entire core of the product is being replaced and improved, making it far more secure and stable, and able to work in high-volume environments with ease.  
  
[vendor]: http://www.envolution.com  
  
[Vulnerability]: SQL injection AND XSS  
  
[sploit]  
  
http://[host]/[envo]/modules.php?op=modload&name=News&file=index&catid=&topic=18&startrow=[sql] or [xss]  
  
http://[host]/[envo]/modules.php?op=modload&name=News&file=index&catid=[sql] or [xss]  
  
  
x1ng  
  
X1ngBox |4t| gmail C0m  
  
  
  
  
`