37 lines
No EOL
1.2 KiB
Text
37 lines
No EOL
1.2 KiB
Text
[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
|
|
>> General Information
|
|
Advisory/Exploit Title = Lyrics Script SQL Injection and Cross-Site Scripting Vulnerabilities
|
|
Author = Valentin Hoebel
|
|
Contact = valentin@xenuser.org
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
|
|
>> Product information
|
|
Name = Lyrics Script
|
|
Authors = Dan Fletcher, Dunstan Mattocks
|
|
Link = http://www.buymyscripts.net/21/Lyrics_Script.html
|
|
Affected Version(s) = unknown
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
|
|
>> #1 SQL Injection
|
|
target/search_results.php?search=Search&k=[SQL Injection]
|
|
target/browse_artist.php?letter=[SQL Injection]
|
|
target/browse_song.php?letter=[SQL Injection]
|
|
|
|
>> #2 Cross-Site Scripting
|
|
target/search_results.php?search=Search&k=[XSS]
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
|
|
>> Additional Information
|
|
Advisory/Exploit Published = 14.06.2010
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
|
|
>> Misc
|
|
Greetz = cr4wl3r, JosS
|
|
<3 packetstormsecurity.org!
|
|
|
|
|
|
[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::] |