Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12742
HistoryMay 20, 2006 - 12:00 a.m.

Yourfreeworld Styleish Text Ads Script

2006-05-2000:00:00
vulners.com
12
JSON

Homepage of script
http://www.yourfreeworld.com/script/textads.asp

Stylish Text Ads Script can be one of the most useful tools for any webmaster.
If you own 1 or more websites and want to sell text ads then this tool can be one of the best tool for you.

Effected files:
tr1.php
advertise.php

Exploit:

SQL Injection on tr1.php can shows full path disclosure errors as well as inproper filtering on the forms of
advertise.php that can lead to malicious code injection or XSS.

Example:
http://www.example.com/stylishtextads/tr1.php?id=1'

JSON