Ads IwebNegar v1.1 Multiple vulnerabilities Friday, 01 September 2006 Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not properly sanitized in "comments.php". This can be used to post arbitrary HTML or web script code. attacked by comments.php with field comment & ... II. SQL Injection Vulnerability ------------------------------------------------- Parameter "id" is not properly sanitized before being used in SQL query. vulnerable Page is : "comments.php". This can be used make any SQL query by injecting arbitrary SQL code. Attacker can be execute this url : comments.php?id=[SQL Query] Last Updated ( Sunday, 03 September 2006 )   < Prev   Next > [ Back ]

Main Menu SpamAlerts | Windows | Linux | Tutorials | Excell | WhitePapers | News | Spam | Virus Windows Focus VNews Vulnerability Hacking Sql Injection map Downloads Affiliates Online Store Free Ringtones Seo Directory IWebListin Jobs in India Freshers Jobs listings. Winkeyfinder

Copyright 2005-2007 SpamAlertz.com, Content on this site is From variuos other emails, and Advisories.