selfcomposer-sql.txt
Posted on 15 May 2010
------------------------------------------------------------------------------------------- SelfComposer CMS SQL/HTML Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa_21 Mail: uyku_cu@windowslive.com Script Home: http://www.selfcomposer.it ------------------------------------------------------------------------------------------- Sql Injection: http://localhost/[path]/schedaistituzionale.asp?idreferenza=11&idpadrerifIstituzionali= SQL http://localhost/[path]/prodotti.asp?idpadrerif= SQL ------------------------------------------------------------------------------------------- Html Injection: Search box paste code:<font size=12 >CoBRa_21</font > _________________________________________________________________ Windows Live: Arkadaşlarınız size e-posta gönderdiklerinde Flickr, Twitter ve Digg'deki hareketlerinizi görürler. http://www.microsoft.com/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:tr-tr:SI_SB_3:092010
