[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAJttGjk=BmGvVkZO7LUtAO2nKDEOejL2Rs2viiqovLugdoe1Hg@mail.gmail.com>
Date: Sat, 16 Jul 2011 02:07:00 +0700
From: cyber netron <cybernetron@...il.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk,
websec10@...-sec.org, websecurity@...ts.webappsec.org
Subject: Interactive World SQL Injection Vulnerability [
Multiple Vulnerabilities ]
Interactive World (index.php) Sql Injection Vulnerability [ Multiple
Vulnerabilities ]
==============================================================
####################################################################
.:. Exploit Title : Interactive World SQL Injection Vulnerability [ Multiple
Vulnerabilities ]
.:. Author : Netrondoank aka netron
.:. My Web : www.indonesiansecurity.info ,indotek.or.id and Ilmuhacker.org
.:. Platform/Tested on: Linux
.:. Version : none
.:. Software Link: : http://www.interactive-world.com
.:. Dork : "Powered By Interactive World"
####################################################################
.:. Exploit
===[ SQL Injenction ]===
http://www.site.com//news_desc.php?Id=[Sqli]
Xss
===[ XSS/HTML Injection ]===
http://site/path/latest_news_next.php?id=89&news_type=[XSS ATTACK HERE]
####################################################################
[+] Spesial thanks to all friend @ site : IndonesianSecurity.info +
codenesia.com
+palembangHackerlink.org + Blitar hackerlink dot org + hacker newbie dot org
+ binus hacker dot org +
+indonesianblogger.org + kimmonosz (kimmonosz.tk) + jos ali joe (
exploit-id.com) + dewancc (dawnc0de.com)
+pokeng + budi anja (biohazzard) +klicak + dymaz spyro (gaya rambutmu leh
ditiru)
+doni mustofa anak2 uin jakarta + crashblack here + hmei7 + junbad (
indonesiancoder.com) + skutengboy (maapin gua bro)
+ almh viroes banditc0de + ares blue screen (jgn maen mulu loh skripsi
urusin) + budi_spielberg (met nikah yee) + om leman (indonesiancyber.org)
[+] Lamer juga manusia punya otak
[+] ku cinta padamu susi tapi dirimu tak cinta padaku .wkwkwkwkw
[+] jos ali joe , thx to notice for submit my poc to exploit-id.com
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists