Evernew Free Joke Script (viewjokes.php) SQL Injection

Exploit for unknown platform in category web applications ====================================================== Evernew Free Joke Script viewjokes.php SQL Injection ====================================================== / Name : Evernew Free Joke Script viewjokes.php SQL Injection WebSite :...

dhcart-xss.txt

DHCart Multiple variable XSS and stored XSS Vendor URL:http://www.dhcart.com/ Advisore:http://lostmon.blogspot.com/ 2008/11/dhcart-multiple-variable-xss-and-stored.html vendor notify:YES Exploit:YES Patch:YES DHCart is a PHP based application that provides a simple to use shopping cart for users...

myphp-sql.txt

Name : MyPHP Forum So we can execute an sql injection thrught the bugged variable $id. PoC: http://Site/faq.php?action=view&id=-1'+union+select+1,concatusername,0x3a,password,3+from+tableprefixmember+where+uid=1/ Sql injection in member.php So $member variable isn't controlled so we can exploit i...