[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Vwar v1.5.0 <= Sql Injection and XSS vuln.
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Vwar v1.5.0 <= Sql Injection and XSS vuln.
- From: mfoxhacker@xxxxxxxxx
- Date: 3 Aug 2006 06:16:55 -0000
IHST > Iran HackerZ Security Team (WhiteHat Part)
-------------------------------------------------
Vendor : www.vwar.de
vuln. Version = v1.5.0 and lower
Credits : MFox
Contact : mfoxhacker@xxxxxxxxx
HomePage : www.hackerz.ir
-------------------------------------------------
Proof of Concept
Http://[Target]/[Path]/war.php?page=[SQL] & [XSS]
-------------------------------------------------
Gr33tZ :
S3rv3r_Hack3r - Hessam-X - BlOod_MoOn - Rs_VB - Rh_b_H - S433d_Only_LinuX -
saTTar_li
-------------------------------------------------