Zumiez Inc. operates as a specialty retailer of action sports related apparel, footwear, equipment, and accessories. Its apparel products include tops, bottoms, outerwear, caps, bags and backpacks, belts, jewelry, and sunglasses; and footwear products comprise action sports related athletic shoes and sandals. The company also offers various equipment products or hardgoods, such as skateboards, snowboards, and boots and bindings; and miscellaneous novelties. Its stores cater to young men and women between the ages of 12 and 24 focusing on sport lifestyle centered on activities that comprise skateboarding, surfing, snowboarding, bicycle motocross, and motocross. The company also sells its products online. As of August 25, 2012 it operated 486 stores, comprising 463 in the United States and 18 in Canada under the name of Zumiez, and 5 in Europe under the Blue Tomato name.
___ ___ ___
/ /\ / /\ / /\ __
/ /:/ / /:/ / /::\ | |\
/ /:/ / /:/ / /:/\:\ | |:|
/ /::\ ___ / /:/ / /::\ \:\ | |:|
/__/:/\:\ /\ /__/:/ /\ /__/:/\:\ \:\ |__|:|__
\__\/ \:\/:/ \ \:\ /:/ \ \:\ \:\_\/ / /::::\
\__\::/ \ \:\ /:/ \ \:\ \:\ / /:/~~~~
/ /:/ \ \:\/:/ \ \:\_\/ /__/:/
/__/:/ \ \::/ \ \:\ \__\/
\__\/ \__\/ \__\/
Follow @freshprincehuey - http://twitter.com/freshprincehuey
http://zumiez.com < Fail Coding
Click on pic below to enlarge size and view vulns
File Inclusion - http://i.imgur.com/cPRFP.png
Cross site scripting - http://i.imgur.com/Kjhfa.png
Apache Version - 2.2.22 - www.google.com/?q=Apache+2.2.22+exploit
Full Path Disclosure - http://i.imgur.com/hFqY8.png
Possible SQL Injection - http://i.imgur.com/bUuu6.png
I say possible because Google logged that it used to have a SQL injection, but that does not mean it's still there, as they might have fixed it or I just can't find it -.-
#####################
# @freshprincehuey
#####################
//The information contained within this publication is
//supplied "as-is" with no warranties or guarantees of fitness
//of use or otherwise. Neither Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information.