Header Ads

Webspert 2.2rc2a osCommerce Multi vulnerability

======================================================================== | # Title : Webspert 2.2rc2a osCommerce Multi vulnerability |
# Author : indoushka |
# email : indoushka4ever@gmail.com |
# Tested on : windows 8.1 Français V.(Pro) |
# Version : 2.2rc2a |
# Vendor : http://www.webspert.com.my/ |
# Dork : "Powered by Webspert" ======================================================================== poc :
Webspert based on osCommerce version 2.2rc2a (2007) & osCommerce version 2.2rc2a suffers from a cross site request forgery vulnerability. =https://packetstormsecurity.com/files/92311/osCommerce-2.2rc2a-Cross-Site-Request-Forgery.html

so

1 -
Csrf :

http://www.kamazingart.com/private/backup.php/login.php

2 - backdoor Acounte : http://www.kamazingart.com/private/

user : admin
Pass : conny123@

Sql injection : http://www.sarayazahret.com/page.php?pageid=33

1 comment:

Silahkan Komentar dengan bahasa yang sopan

Powered by Blogger.