phpBB "charts.php" XSS and SQL-Injection May 11 2006 09:06PM
sn4k3 23 gmail com
// phpBB "charts.php" (hack) XSS and SQL-Injection //

-----------------------------------------------------------------

[~] Advisory by: LoK-Crew

[-] Exploit:

http://www.example.com/charts.php?action=vote&rate=1&id=[XSS]

http://www.example.com/charts.php?action=vote&rate=1&id=[SQL]

[-] Googledork: inurl:"charts.php" "powered by phpbb"

[+] Visit: www.LoK-Crew.de

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus