======================================================================== | # Title : Webspert 2.2rc2a osCommerce Multi vulnerability |
# Author : indoushka |
# email : indoushka4ever@gmail.com |
# Tested on : windows 8.1 Français V.(Pro) |
# Version : 2.2rc2a |
# Vendor : http://www.webspert.com.my/ |
# Dork : "Powered by Webspert" ======================================================================== poc :
Webspert based on osCommerce version 2.2rc2a (2007) & osCommerce version 2.2rc2a suffers from a cross site request forgery vulnerability. =https://packetstormsecurity.com/files/92311/osCommerce-2.2rc2a-Cross-Site-Request-Forgery.html
so
1 -
Csrf :
http://www.kamazingart.com/private/backup.php/login.php
2 - backdoor Acounte : http://www.kamazingart.com/private/
user : admin
Pass : conny123@
Sql injection : http://www.sarayazahret.com/page.php?pageid=33
Next
« Prev Post
« Prev Post
Previous
Next Post »
Next Post »
Subscribe to:
Post Comments (Atom)
0 Komentar