Sunday, December 6, 2009

Multiple bugs on still vulnerable to SQL and html Injection

so let's see some screenshots :)

Iframe injection poc:

many others applications seems to be vulnerable so be carefull !

see also my old post about sql injection on


another apps. vulnerable to sql injection

and here we have another html injection poc:

1 comment:

buherator said...

m1key also showed a bug like this to me but it seemed like the guys at FB noticed the breach and redirected him to a honeypot and started the decloaking engine, so be careful! I wrote about this in my hungarian blog, the screens might be interesting for you too (especially the last BackTrack shell :P):

Nice job anyway!