Found by: p0pc0rn 24/02/2011
Web : http://www.juiceapac.com
Dork : intext:"Powered by JuiceAPac" filetype:cfm
SQL
---
http://site.com/xxxx.cfm?xxx=[SQL]
XSS
---
http://site.com/search.cfm
POST: THE_KEYWORDS=[XSS]&year=[XSS]
http://site.com/news.cfm?NewsID=[XSS]
//maybe other parameter can be xss'ed too.
POC
---
http://www.1337day.com/exploits/15499
thanks
-p0pc0rn-
0 comments:
Post a Comment