phpBB "charts.php" XSS and SQL-Injection

sn4k3 . 23 Thu, 11 May 2006 15:29:50 -0700

// phpBB "charts.php" (hack) XSS and SQL-Injection //


-----------------------------------------------------------------


[~] Advisory by: LoK-Crew


[-] Exploit:

http://www.example.com/charts.php?action=vote&rate=1&id=[XSS]

http://www.example.com/charts.php?action=vote&rate=1&id=[SQL]


[-] Googledork: inurl:"charts.php" "powered by phpbb"


[+] Visit: www.LoK-Crew.de

phpBB "charts.php" XSS and SQL-Injection

Reply via email to