System Shop – ‘Module aktka’ SQL Injection - 体验盒子

作者： secret

日期： 2010-09-12

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/14985/

_____ ______ _____ ___________ _______ 
 / ____|____/ ____|__ \|____|__ __|
| (___ | |__ | || |__) | |__ | | 
 \___ \|__|| ||_/|__|| | 
 ____) | |___| |____| | \ \| |____ | | 
|_____/|______\_____|_|\_\______||_| 
 
 
# Exploit Title: System Shop SQL Injection - Module aktkat=
# Date: 12.09.2010
# Author: secret
# Software Link: www.system-shop.at
# Version: latest version
# Tested on: XP / Linux

#Dorks : inurl:"aktkat"/ "Powered by System Shop" / "System Shop" site:at

SQL Injection : 
===========================================================================================

Simple Error Based / Normal SQL Injection in "aktkat="

e.g. http://server/kn.php?aktkat=16 [SQL INJECTION] / columns vary..

NOT FIXED - 12.09.2010

--------------------------------------------------------------------------------

Greetz to all brothers & sisters who are fighting for freedom in IRAN...

خدا شما کمک خواهد کرد

contact : secret_hf@hotmail.com