Netkamp Emlak Scripti XSS & SQL Injection Vulnerability

#Software: Netkamp Emlak Scripti
#Download: not free (350 YTL), sale: http://www.netkamp.com/net_emlak.asp
#Demo: http://netemlak.netkamp.com/
#Found By: GeFORC3 ( G3 )

#Exploit & example:
-----------------------------------------------------------------------
#XSS:

http://www.site.com/script_path/iletisim.asp

Write XSS code into the text boxes of the script's contact form.

Example:

İletişim Formu (contact form)
Adınız (first name): ">
Soyadınız (surname): ">
E-Mail: ">
Konu (subject): ">
Mesajınız (message): ">

Press the "gönder" (send) button.

This XSS works on the contact page of the "Netkamp Emlak Scripti" script.
-----------------------------------------------------------------------
#SQL Injection:

http://www.site.com.com/script_path/detay.asp?ilan_id=[SQL]
-----------------------------------------------------
WwW.GeFORC3.ORG | WwW.HeykirBlog.Org | WwW.NetKaBus.CoM
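
Added example, not part of the original advisory or the vendor's code: a defender-side check for the detay.asp issue described above. It scans web-server access logs for requests where ilan_id is anything other than one plain integer. The log field layout, the sample lines and the assumption that ilan_id is always a numeric listing id are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Constructed log lines in an assumed W3C-style layout (see the #Fields line).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2024-01-10 09:00:01 GET /script_path/detay.asp ilan_id=42 192.0.2.10 200
2024-01-10 09:00:05 GET /script_path/detay.asp ilan_id=42%27 192.0.2.77 500
2024-01-10 09:00:09 GET /script_path/detay.asp ilan_id=42+or+1%3D1 192.0.2.77 200
2024-01-10 09:00:12 GET /script_path/default.asp - 192.0.2.10 200
2024-01-10 09:00:15 GET /script_path/DETAY.ASP ILAN_ID=7 192.0.2.11 200
"""

FIELDS = ["date", "time", "method", "stem", "query", "ip", "status"]
# Assumption: a legitimate ilan_id is a short ASCII-digit string.
INT_RE = re.compile(r"[0-9]{1,10}")


def suspicious_requests(log_text, page="detay.asp", param="ilan_id"):
    """Return (client_ip, raw_query) for hits on `page` whose `param`
    is missing, repeated, or not a plain integer."""
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue  # skip blanks and W3C header directives
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue  # malformed line for this layout
        rec = dict(zip(FIELDS, parts))
        # IIS paths and ASP query-string keys are case-insensitive.
        if not rec["stem"].lower().endswith("/" + page):
            continue
        # parse_qsl decodes %xx and '+', so encoded quotes are seen as quotes.
        pairs = parse_qsl(rec["query"], keep_blank_values=True)
        values = [v for k, v in pairs if k.lower() == param]
        if len(values) != 1 or not INT_RE.fullmatch(values[0]):
            hits.append((rec["ip"], rec["query"]))
    return hits


if __name__ == "__main__":
    for ip, query in suspicious_requests(SAMPLE_LOG):
        print(ip, query)
```

The same allowlist (digits only) is the server-side validation to apply to ilan_id before it reaches any query, alongside parameterized queries in detay.asp and HTML-encoding of the contact-form fields in iletisim.asp.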