OpenCart <= 1.5.6.1 SQL Injection

Posted by Saadi On Wednesday, 26 March 2014 11 comments
Hi, so today we have SQL injection in OpenCart. I discovered this bug several months ago when I pentested OpenCart and found CSRF in it too. You can check CSRF here. The ebay.php file in OpenCart is badly coded and you can see a lot of SQLi in it. So here it is..
http://www.exploit-db.com/exploits/32520
http://packetstormsecurity.com/files/125867/OpenCart-1.5.6.1-SQL-Injection.html
http://cxsecurity.com/issue/WLB-2014030212
http://1337day.com/exploit/description/22071
#...

ClipSharePro <= 4.1 Local File Inclusion

Posted by Saadi On Saturday, 8 March 2014 1 comments
http://www.exploit-db.com/exploits/32131
http://cxsecurity.com/issue/WLB-2014030063
# Exploit Title  : ClipSharePro <= 4.1 Local File Inclusion
# Date           : 2013/3/9
# Exploit Author : Saadat Ullah , saadi_linux[at]rocketmail[dot]com
# Software Link  : http://www.clip-share.com
# Author HomePage: http://security-geeks.blogspot.com
#...

Mybb 1.6.12 XSS P0c

Posted by Saadi On Friday, 14 February 2014 2 comments
Hi, I didn't update the blog for some time as I was busy with some other stuff, but from now onward some cool stuff is coming soon which I found but didn't publish.. Mybb XSS, some days back I found an advisory XSS in search.php.
Reference: http://osandamalith.wordpress.com/2014/02/02/mybb-1-6-12-post-xss-0day/
After...