HiShop Mobile Cloud Mall System Has Logic Flaw Vulnerability

HiShop mobile cloud mall system, you can build PC, WAP, 2APP, small program, Alipay service window, WeChat shopping mall website, perfect switching between different devices, 6 +1 port any combination of unified back-office management, better shopping experience faster. HiShop mobile cloud mall...

Hishop General Mobile Cloud Mall suffers from SQL Injection Vulnerability

Ltd. HiShop.cn, continues to specialize in providing e-commerce software and related value-added service products for small and medium-sized enterprises SMEs. It is the earliest and longest lasting leading brand of e-commerce software and service provision in China. A SQL injection vulnerability...

Hishop易分销系统 Brand.aspx,ProductUnSales.aspx 两处SQL注入漏洞

No description provided by source...

Hishop易分销系统 /wapshop/productlist.aspx 文件 sort 参数SQL注入漏洞

No description provided by source...

HiShop商城系统 Isv.ashx 直接添加管理员设计缺陷

No description provided by source...

HiShop网上商店系统多版本SQL注入

简要描述： HiShop全称“长沙海商网络技术有限公司”，是国内最大的ASP.NET独立网店服务提供商。长期专注于B2C网上购物软件的研发及相关增值服务的提供。拥有著名网上商店系统品牌——HiShop。公司的主要业务是为中小企业、个人网商及网站站长提供B2C独立购物网站搭建的一站式套餐服务及网店推广、货源提供、个性定制等相关增值服务。 详细说明： 之前提交给wooyun，一直没反应！ 主要是Hishop6.0-Hishop6.1版本存在此处注入，不是开源的，黑盒来吧 关键字: powered by Hishop6.0 powered by Hishop6.1 用量不小，百度搜索看下...

hishop最新版存在SQL注入

简要描述： hishop最新版存在SQL注入（demo演示） 详细说明： hishop最新版存在SQL注入（demo演示） http://www.hishop.com.cn/products/ydfx/ 这里是demo： 随意注册一个，登录，访问POC： http://ydfx.demo.shopefx.com/user/UserRefundApply.aspx?OrderId=%27%20and%20select%20@@version%3E0%20and%20%271%27=%271 漏洞证明：...

Hishop商城分销系统信息泄露漏洞

No description provided by source...

Hishop易分销系统 sortOrderBy等参数SQL注入漏洞

No description provided by source...

hishop易分销系统sql注入漏洞

No description provided by source...

Hishop商城分销系统某处信息泄露

简要描述： RT 详细说明： 前人案例： http://wooyun.org/bugs/wooyun-2010-019206 泄露地址： /SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2 其中ID值为可控的，用BURP不断遍历可以找出非常多的用户信息 案例： http://demo.kuaidiantong.cn/SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2...

海商存在通用的存储型跨站漏洞

简要描述： 存储型xss，不需要发送链接，管理员一打开收件箱就会中招 详细说明：...

hishop和易分销系统演示站入侵

简要描述： hishop、易分销、快店通演示站被成功入侵 详细说明： 在导入淘宝数据包的同时会解压数据包。 如果在数据包（压缩文件）里面放一句话同时会解压 解压之后目录就是压缩文件夹的名字 漏洞证明： 快店通： hishop 易分销 img src="https://images.seebug.org/u...

Hishop商城系统官方网站后台账号密码泄露

简要描述： Hishop商城系统官方网站存在注入漏洞，已爆出用户名密码，后台未找到！！！ 详细说明： Hishop商城系统官方网站存在注入漏洞，网站使用dedecms系统，未打最新补丁，search.php文件可被注入。exp：...

Hishop 5.4 & 5.4.1 SQL injection-vulnerability warning-the black bar safety net

Exploit Title: Hishop 5.4 &5.4.1 SQL injection Date: 06-04-2012 Author: Hacker-Fire Vendor orSoftware Link: http://www.hishop.com.cn/bbs/thread-htm-fid-13.html Version: 5.4 & 5.4.1 Category:: webapps Google dork: intext:Hishop 5.4 Tested on: Windows 7 P0c : ? Php printr ' +...

Hishop 5.4 & 5.4.1 SQL injection vulnnerability

Exploit for php platform in category web applications Exploit Title: Hishop 5.4 & 5.4.1 SQL injection Date: 06-04-2012 Author: Hacker-Fire Vendor or Software Link: http://www.hishop.com.cn/bbs/thread-htm-fid-13.html Version: 5.4 & 5.4.1 Category:: webapps Google dork: intext:Hishop 5.4 Tested on:...

Hishop 5.4&5.4.1 SQL injection vulnerability in the EXP-bug warning-the black bar safety net

Hishop online store system V5. 4 The official version is that the Maritime network has the property of self-developed WEB-based applications in the B/S architecture of a B2C online store system, mainly for enterprises and large and medium-sized network operators to provide the best protection, to...

Hishop(latest edition) 5.4&5.4.1 SQL Injection Exploit[0day]-vulnerability warning-the black bar safety net

hishop since 0 9 in 5.1 and 5. 1. 3 explosion over the vulnerability after it didn't burst. Some time ago, looked under, to find an injection point, but the statement is a bit complex and also filter the underlined table name which has an underscore, so need special configuration, This injection...

Hishop 5.13. x 0DAY vulnerabilities-vulnerability warning-the black bar safety net

Hishop 5.13 a FCK vulnerability. Use code: ! Selection. net upload, the directory for the file Baidu search keyword: Powered by Hishop 5.13（raunchy revenge: the good word by yourself pick out, I will not write. Runaway revenge: the zhenker brother did not write that everyone should know, the use ...

Hishop 5.13. x 0DAY-vulnerability warning-the black bar safety net

Author: zhenker Blog:http://hi. baidu. com/zhenker Hishop 5.13 a FCK vulnerability. Use code: http://www.xx.com/fckeditor/editor/filemanager/connectors/uploadtest.html Selection. net upload, the directory for the file Baidu search keyword: Powered by Hishop 5.13...