Lyrics Script – SQL Injection / Cross-Site Scripting

• Exploit Database
• 124 阅读

• 作者： Valentin
  日期： 2010-06-14
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/13863/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38

  [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::] >> General Information Advisory/Exploit Title = Lyrics Script SQL Injection and Cross-Site Scripting Vulnerabilities Author = Valentin Hoebel Contact = valentin@xenuser.org     [:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::] >> Product information Name = Lyrics Script Authors = Dan Fletcher, Dunstan Mattocks Link = http://www.buymyscripts.net/21/Lyrics_Script.html Affected Version(s) = unknown   [:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::] >> #1 SQL Injection target/search_results.php?search=Search&k=[SQL Injection] target/browse_artist.php?letter=[SQL Injection] target/browse_song.php?letter=[SQL Injection]   >> #2 Cross-Site Scripting target/search_results.php?search=Search&k=[XSS]     [:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::] >> Additional Information Advisory/Exploit Published = 14.06.2010     [:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::] >> Misc Greetz = cr4wl3r, JosS <3 packetstormsecurity.org!     [:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]