Sunday, February 27, 2011

DOERS CMS Multiple Vulnerabilities


Title : DOERS CMS Multiple Vulnerabilities
Web : http://www.doers.in/
Found By: p0pc0rn 28/02/2011
Dork : intext:" powered by DOERS" asp

SQL
---

http://site.com/xxxx.asp?id=[SQL]
http://site.com/xxxx.asp?category=[SQL]
and more..

XSS
---
Parameter can be xss'ed

currentPage=[XSS]
categoryname=[XSS]
page=[XSS]
cate=[XSS]
sub=[XSS]
and more..

POC
---


http://www.1337day.com/exploits/15522

thanks,
-p0pc0rn-
Share:

0 comments: