SecurityFocus

Vwar v1.5.0 <= Sql Injection and XSS vuln. Aug 03 2006 06:16AM
mfoxhacker gmail com

IHST > Iran HackerZ Security Team (WhiteHat Part)

-------------------------------------------------

Vendor : www.vwar.de

vuln. Version = v1.5.0 and lower

Credits : MFox

Contact : mfoxhacker (at) gmail (dot) com [email concealed]

HomePage : www.hackerz.ir

-------------------------------------------------

Proof of Concept

Http://[Target]/[Path]/war.php?page=[SQL] & [XSS]

-------------------------------------------------

Gr33tZ :

S3rv3r_Hack3r - Hessam-X - BlOod_MoOn - Rs_VB - Rh_b_H - S433d_Only_LinuX - saTTar_li

-------------------------------------------------

[ reply ]