2daybiz Network Community Script suffers from cross site scripting and remote SQL injection vulnerabilities.
b031a3c537dca0cae75bb56471260670a86e6d6d3880971f66b6effda7d9394b
===========================================================
2daybiz Network Community Script SQLi AND XSS Vulnerability
===========================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ########################################## 1
0 I'm Sid3^effects member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Name : 2daybiz Network Community Script SQLi AND XSS Vulnerability
Date : june, 16 2010
Vendor url :http://www.2daybiz.com/networkcommunityscript.html
Critical Level : HIGH
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,gunslinger_
greetz to :All ICW members and my friends :) luv y0 guyz
#######################################################################################################
DESCRIPTION:
2daybiz Network Community Script has all the features needed to run a successful social networking community like Orkut. The features include
customizing member profile, upload pictures, inviting friends to join their network, create groups with different access levels, chat in
public or private rooms, and create forums, events, classifieds, and blog. Network Community Script makes it easy to find people who share
their hobbies and interests, look for dating partners or to establish new business contacts. The user can also create and join a wide variety
of online communities to discuss current events, reconnect with old friends or even exchange your favorite recipes.
#######################################################################################################
Xploit: SQLI Vulnerability
DEMO URL : http://2daybiz.com/products/orkutclone/view_photo.php?page=3&alb=[SQLI]
###############################################################################################################
Xploit: XSS Vulnerability
Attack Pattern: '"-->
DEMO URL :http://2daybiz.com/products/orkutclone/scrapbook.php?id=[XSS]
###############################################################################################################
# 0day no more
# Sid3^effects
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed