GuestBookPlus – HTML Injection / Bypass Comments Limit

• Exploit Database
• 105 阅读

• 作者： MiND C0re
  日期： 2010-08-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14839/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36

  ======================================================================= # In the name of ALLAH !# ======================================================================= # GuestBookPlus Script PHP (HTML Injection) Vuln. ======================================================================= =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ################################# #_____ ____/___/# # / ___/ \ \/ / / / # #(__) \ \/ / / /# # /____/ \__/ /_/ # ################################# ######################################################################## # Name: GuestBookPlus Script PHP (HTML Injection) # Vendor: http://websitekit.us/GBP_demo.html # Date: 2010-08-15 # Author: MiND # Greets: Sa-ViRuS.CoM , RENO , Dr.php , ! BaD BoY ! , Gov.HaCker , Anti-Secure , Dr.$audi all Sa-ViRuS.CoM Members .. # Contact: f1_1nnym1nd@HoTMaiL.CoM # Home: WwW.Sa-ViRuS.CoM ########################################################################   [~]Note : Its not free ,, Its by 28 $ [~]You Can Buy It From : http://websitekit.us/guest_book_plus.html       [~] HTML Injection Vuln . : Add a new comment using sign button Put on the name & body of your comment any html code like: <meta http-equiv="refresh" content="0;url=http://sa-virus.com/" /> <==== ( thats redirecting to sa-virus.com )   [~] Another note : You can bypass the limit of comments per day in this guestbook script By deleting the saved cookie in your computer ;)