PrestaShop 1.5.6.2 Cross Site Scripting

Cross Site Scripting on E-Commerce PrestaShop Risk: Low CWE number: CWE-79 Date: 09/04/2014 Vendor: www.prestashop.com Version: PrestaShop 1.5.6.2 Author: Felipe "Renzi" Gabriel Contact: [email protected] Tested on Windows 8 pro Vulnerable File: product.php Exploit:...

WebLife CMS SQL Injection

Mulitple SQL Injection on WebLife CMS Risk: High CWE number: CWE-89 Date: 09/04/2014 Vendor: www.weblife.sk Author: Felipe "Renzi" Gabriel Contact: [email protected] Tested on Windows 8 pro Vulnerable File: index.php Exploit: http://host/index.php?jazyk=SQLI http://host/index.php?page=SQLI PoC:...