TUCoPS :: Web BBS :: Frequently Exploited

TUCoPS :: Web BBS :: Frequently Exploited :: b06-2154.htm
phpBB "charts.php" XSS and SQL-Injection

phpBB "charts.php" XSS and SQL-Injection phpBB "charts.php" XSS and SQL-Injection


// phpBB "charts.php" (hack) XSS and SQL-Injection //=0D
=0D
-----------------------------------------------------------------=0D
=0D
[~] Advisory by: LoK-Crew=0D
=0D
[-] Exploit:=0D
http://www.example.com/charts.php?action=vote&rate=1&id=[XSS]=0D 
http://www.example.com/charts.php?action=vote&rate=1&id=[SQL]=0D 
=0D
[-] Googledork: inurl:"charts.php" "powered by phpbb"=0D
=0D
[+] Visit: www.LoK-Crew.de