facebook facebook twitter rss

Multi Website 1.5 SQL/XSS Injection Vulnerabilities

Author: Cyber-Crystal , Published: 31-05-2012
                                                                    

# Exploit Title: Multi Website 1.5 SQL/XSS Injection Vulnerabilities
# Google Dork: .:: Powered by: Multi Website 1.5 ::.
# Date: 2012/05/31
# Author: Cyber-Crystal
# E-Mail: Cyb3r.Crystal@Gmail.com or TW -> https://twitter.com/#!/Cyb3r_Crystal
# Software Link: http://site-go.com/?action=free_version
# Version: 1.5
# Tested on: Debian GNU/Linux
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


[+] P0C:

Exploit sql injection:

http://localhost/multi-website/?articles=topic&topic=[SQL]


-------------

Exploit Xss Inject:

http://localhost/multi-website/?action=search&search=[XSS Inject]&gateway=art&by=letter

------------------------------


##########################
# My Home : www.P0c.cc
# F : snc0pe - secure-x41 - Dr.HAiL
# The End
##########################


Demo :
http://www.un-web.com/

Like us on Facebook :