Date: Sun, 13 Mar 2011 12:11:42 -0600
From: cdx.security@...il.com
To: bugtraq@...urityfocus.com
Subject: BoutikOne Multiples SQL Injection Vulnerability

- BoutikOne -
Multiple SQL Injection Vulnerabilities

RELEASE DATE : 13.03.2011
by Alz <cdx[dot]security[at]gmail[dot]com>

[-] Google Dork: "Powered by BoutikOne"

[-> categorie.php] Var <path> :
http://[target]/categories.php?path=[sqli]

[-> list.php] Var <path> :
http://[target]/list.php?path=[sqli]

[-> description.php] Var <id> :
http://[target]/description.php?id=[sqli]

[-> description.php] Var <path> :
http://[target]/description.php?id=[id]&path=[sqli]

[-> search.php] Var <advCat> :
http://[target]/search.php?advCat=[sqli]

[-> search.php] Var <advComp> :
http://[target]/search.php?advComp=[sqli]

[-] RSS Folder:

[-> rss_news.php] Var <lang> :
http://[target]/rss/rss_news.php?lang=[sqli]

[-> rss_flash.php] Var <lang> :
http://[target]/rss/rss_flash.php?lang=[sqli]

[-> rss_promo.php] Var <lang> :
http://[target]/rss/rss_promo.php?lang=[sqli]

[-> rss_top10.php] Var <lang> :
http://[target]/rss/rss_top10.php?lang=[sqli]

[-> caddie.php] Multiple FORM Vulnerabilities

[-] SQL Injection in <codePromo>
<input name="codePromo" size="12" type="text">

[-] SQL Injection in <codeCadeau>
<input name="codeCadeau" size="15" type="text">

[-] SQL Injection in <country>
<select name="country">

[-] Full PATH Disclosure:

[-> page_box.php] Var <module> :
http://[target]/page_box.php?module=%27

[-> page_box.php] Var <lang> :
http://[target]/page_box.php?lang=%27

[-> list.php] Var <target> :
http://[target]/list.php?target=%27
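For defenders, the script/parameter pairs listed above double as a detection signature. The following is an added example (not part of the advisory and not BoutikOne code): it scans Apache-style access log lines for requests to the listed scripts where a listed GET parameter carries a quote, comment sequence or SQL keyword. Script paths are taken from the URLs in the advisory; the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script -> query parameters named in the advisory (paths as given in its URLs).
ADVISORY_PARAMS = {
    "/categories.php": {"path"},
    "/list.php": {"path", "target"},
    "/description.php": {"id", "path"},
    "/search.php": {"advCat", "advComp"},
    "/rss/rss_news.php": {"lang"},
    "/rss/rss_flash.php": {"lang"},
    "/rss/rss_promo.php": {"lang"},
    "/rss/rss_top10.php": {"lang"},
    "/page_box.php": {"module", "lang"},
}

# Heuristic: quotes, comment markers and common SQL keywords have no place in these values.
SUSPICIOUS = re.compile(r"['\"#;]|--|/\*|\b(union|select|or|and)\b", re.IGNORECASE)

# Minimal Apache combined/common log line parser (ip, timestamp, request line, status).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

def flag_request(line):
    """Return (ip, script, param, decoded_value) for a suspicious hit on a listed parameter, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("url"))
    watched = ADVISORY_PARAMS.get(parts.path)
    if not watched:
        return None
    # parse_qs percent-decodes, so %27 is inspected as a literal quote.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name in watched:
            for value in values:
                if SUSPICIOUS.search(value):
                    return (m.group("ip"), parts.path, name, value)
    return None

def scan(lines):
    """Run flag_request over an iterable of log lines and keep the hits."""
    return [hit for hit in (flag_request(l) for l in lines) if hit]

# Constructed sample log lines (not real traffic); addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.5 - - [13/Mar/2011:12:11:42 -0600] "GET /categories.php?path=12 HTTP/1.1" 200 5123',
    '203.0.113.5 - - [13/Mar/2011:12:11:43 -0600] "GET /categories.php?path=12%27 HTTP/1.1" 500 312',
    '198.51.100.9 - - [13/Mar/2011:12:12:01 -0600] "GET /search.php?advCat=1%20UNION%20SELECT%201 HTTP/1.1" 200 8800',
    '198.51.100.9 - - [13/Mar/2011:12:12:05 -0600] "GET /page_box.php?module=%27 HTTP/1.1" 200 410',
    '192.0.2.77 - - [13/Mar/2011:12:13:00 -0600] "GET /index.php?id=%27 HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The keyword part of the heuristic can fire on legitimate text such as "and", so use it to prioritise review rather than to block on its own.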

[-] Greetz to Darksky & litame

    Contact at #hackbbs @ irc.2600.net

  Enjoy.

Alz.
