Tuesday, 11 April 2017

http://www.gurufocus.com/ | data leaks and errors

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/gurufocu/public_html/holdings_ind.php

errors  can be raised by simply manipulating parameters in the queries

chiarelettere.it | XSS and errors


Notice: Undefined index: collana in /home/httpd/html/casaleggio/chiarelettere.it/php/avvisamico.php on line 896

Monday, 10 April 2017

https://www.buddybank.com/ | wordpress content injection


You can test it with the most common (python) PoC.

Tuesday, 4 April 2017

eptbenevento.it | file listing - data leak