
  #8  
13.03.2012, 23:34
HeaVeNSeR
Newbie
Registered: 03.12.2008
Posts: 5

Reputation: 1

Guys, help me make progress with working this SQL injection

http://www.single-russian-woman.com...0&show=0&sorting=-1bvn5&weight1=1&weight2=210

The vulnerability seems to be in the sorting parameter... the error shows up in an HTTP header

Code:
http://www.single-russian-woman.com/cgi-bin/search.cgi?age1=19&age2=100&country=&height1=100&height2=250&photocheck=0&seeking=0&show=0&sorting=-1bvn5&weight1=1&weight2=210

GET /cgi-bin/search.cgi?age1=19&age2=100&country=&height1=100&height2=250&photocheck=0&seeking=0&show=0&sorting=-1bvn5&weight1=1&weight2=210 HTTP/1.1
Host: www.single-russian-woman.com
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:10.0.2) Gecko/20100101 Firefox/10.0.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: ru-ru,ru;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: adv=http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3Dsingle%2520russian%2520women%26source%3Dweb%26cd%3D1%26ved%3D0CHUQFjAA%26url%3Dhttp%253A%252F%252Fwww.single-russian-woman.com%252F%26ei%3DZlFeT4PlJc_V4QSqkL3iDw%26usg%3DAFQjCNEj3xkfJiBZvycDvWk08byKTKFdZg; seeking=0; country=; age1=19; age2=100; height1=100; height2=250; weight1=1; weight2=210; sorting=15; lang=; langlevel=; eyecolor=; haircolor=; activerest=; genrefilms=; favmusic=; zodiac=; smoking=; drinking=; children=; keyword=; name=; maritalstatus=; russian=; photost=0; session=n2aojhfg57vb0xpim5kpgc1147925
Cache-Control: max-age=0

HTTP/1.1 200 OK
Date: Tue, 13 Mar 2012 19:20:30 GMT
Server: Apache/2.2.3 (CentOS)
DBD: :mysql::st execute failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'DESC LIMIT 0, 12' at line 1 at search.cgi line 1285., :mysql::st fetchrow failed: fetch() without execute() at search.cgi line 1286.
Set-Cookie: seeking=0; path=/
Set-Cookie: country=; path=/
Set-Cookie: age1=19; path=/
Set-Cookie: age2=100; path=/
Set-Cookie: height1=100; path=/
Set-Cookie: height2=250; path=/
Set-Cookie: weight1=1; path=/
Set-Cookie: weight2=210; path=/
Set-Cookie: sorting=15; path=/
Set-Cookie: lang=; path=/
Set-Cookie: langlevel=; path=/
Set-Cookie: eyecolor=; path=/
Set-Cookie: haircolor=; path=/
Set-Cookie: activerest=; path=/
Set-Cookie: genrefilms=; path=/
Set-Cookie: favmusic=; path=/
Set-Cookie: zodiac=; path=/
Set-Cookie: smoking=; path=/
Set-Cookie: drinking=; path=/
Set-Cookie: children=; path=/
Set-Cookie: keyword=; path=/
Set-Cookie: name=; path=/
Set-Cookie: maritalstatus=; path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
----------------------------------------------------------
Also, a neighboring site runs Joomla... of the public exploits, only one seemed to fit it... ( http://seclists.org/bugtraq/2011/Apr/80 )

It also looks like SQL injection, but I couldn't make any progress there...

http://www.stopsmoking4steps.com/ind..._jce&Itemid=-1

Please help me out: which direction should I dig in?
 