< ------------------- header data start ------------------- >

#############################################################

# Application Name : Opial Version 1.0

# Vulnerable Type : Cross Site Scripting & SqL Injections

# Infection : Yönetici ve User cookie’leri çalinabilir. , Yönetici hesab bilgileri çalinabilir.

# Bug Fix Advice : XSS Fix = Zararli karakterler filtrelenmelidir. , Sql Inj. Fix = Degiskenler Sadece Integer Alacak Sekilde Düzenlenmeli

# Demo : http://www.opial.com/demo

# author : Bug Researchers | Kadir DOGAN


#############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

/flashplayer.php?sng=[SqL]
/artistdetail.php?artistid=[SqL]
/topdownloads.php?genres_parent=[Xss]
/flashplayer.php?sng=[Xss]
< -- bug code end of -- >