Thursday, February 24, 2011

JuiceAPac CMS Multiple Vulnerabilities

Title    : Multiple Vulnerabilities in JuiceAPac CMS
Found by : p0pc0rn 24/02/2011
Web      : http://www.juiceapac.com
Dork     : intext:"Powered by JuiceAPac" filetype:cfm

SQL
---

http://site.com/xxxx.cfm?xxx=[SQL]


XSS
---

http://site.com/search.cfm
POST: THE_KEYWORDS=[XSS]&year=[XSS]

http://site.com/news.cfm?NewsID=[XSS]
// Other parameters may be vulnerable to XSS too.


POC
---

http://www.1337day.com/exploits/15499

thanks
-p0pc0rn-
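
For operators of an affected site, the following is an added example (not code from the advisory or from JuiceAPac) of how the two parameter sets named above, NewsID on news.cfm and THE_KEYWORDS/year on search.cfm, can be validated, bound and output-encoded in CFML. The datasource, table and column names are hypothetical, and the encodeFor* functions assume ColdFusion 10 or later (or Lucee); older engines would use HTMLEditFormat() instead.

```cfml
<!--- Added example. Datasource, table and column names are hypothetical. --->

<!--- news.cfm: NewsID must be an integer before it is used anywhere. --->
<cfparam name="url.NewsID" default="">
<cfif NOT isValid("integer", url.NewsID)>
    <cfheader statuscode="400" statustext="Bad Request">
    <cfabort>
</cfif>
<cfquery name="qNews" datasource="#application.dsn#">
    SELECT title, body
    FROM   news
    WHERE  news_id = <cfqueryparam value="#url.NewsID#" cfsqltype="cf_sql_integer">
</cfquery>
<cfoutput query="qNews">
    <h1>#encodeForHTML(qNews.title)#</h1>
</cfoutput>

<!--- search.cfm: validate year, bind both values, encode on output. --->
<cfparam name="form.THE_KEYWORDS" default="">
<cfparam name="form.year" default="">
<cfif len(form.year) AND NOT reFind("^[0-9]{4}$", form.year)>
    <cfset form.year = "">
</cfif>
<cfquery name="qSearch" datasource="#application.dsn#">
    SELECT news_id, title
    FROM   news
    WHERE  title LIKE <cfqueryparam value="%#form.THE_KEYWORDS#%" cfsqltype="cf_sql_varchar">
    <cfif len(form.year)>
        AND published_year = <cfqueryparam value="#form.year#" cfsqltype="cf_sql_integer">
    </cfif>
</cfquery>
<cfoutput>
    <!--- Element content and attribute values need different encoders. --->
    <p>Results for "#encodeForHTML(form.THE_KEYWORDS)#"</p>
    <input type="text" name="THE_KEYWORDS"
           value="#encodeForHTMLAttribute(form.THE_KEYWORDS)#">
    <cfloop query="qSearch">
        <a href="news.cfm?NewsID=#encodeForURL(qSearch.news_id)#">#encodeForHTML(qSearch.title)#</a>
    </cfloop>
</cfoutput>
```

The same cfqueryparam binding applies to any other URL or form value that reaches a query, which is the general fix for the SQL issue listed above.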