PHP Shop Cart 5.9 SQL Injection

2010-09-29T00:00:00
ID PACKETSTORM:94350
Type packetstorm
Reporter RoAd_KiLlEr
Modified 2010-09-29T00:00:00

Description

                                        
                                            `-----------------------------------------------------------------------------------------  
PHP SHOP CART V5.9 SQL-i Vulnerability  
-----------------------------------------------------------------------------------------  
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0  
0 _ __ __ __ 1  
1 /' \ __ /'__`\ /\ \__ /'__`\ 0  
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1  
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0  
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1  
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0  
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1  
1 \ \____/ >> Exploit database separated by exploit 0  
0 \/___/ type (local, remote, DoS, etc.) 1  
1 1  
0 [+] Site : Inj3ct0r.com 0  
1 [+] Support e-mail : submit[at]inj3ct0r.com 1  
0 0  
1 ########################################### 1  
0 I'm **RoAd_KiLlEr** member from Inj3ct0r Team 1  
1 ########################################### 0  
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
  
[+]Title PHP SHOP CART V5.9 SQL-i Vulnerability  
[+]Author **RoAd_KiLlEr**  
[+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws  
[+]Tested on Win Xp Sp 3  
---------------------------------------------------------------------------  
[~] Founded by **RoAd_KiLlEr**  
[~] Team: Albanian Hacking Crew  
[~] Home: http://inj3ct0r.com/author/2447   
[~] Version: V5.9  
[~] Price: $52  
[~] Vendor: http://phpsoftware.info  
==========ExPl0iT3d by **RoAd_KiLlEr**==========  
  
[+]Description:  
Shop-cart PHP Very Simple & Easy to manage PHP shopping cart script. Shop-CART Works with your PayPal Acount & provides basic shopping cart functionality and allows to create a nice looking simple shopping cart Stand Alone Store Or a add-on for your website.Ad ,edit or remove products,catagories,pricing. .Free Tec support for 30 days comes automatic..Easy to install and manage,change color,all 100% opensorce.  
Plus we will custom make your first logo free  
=========================================  
  
[+] Dork: inurl:"Cihujjii"  
  
==========================================  
  
  
[+]. SQL-i Vulnerability  
=+=+=+=+=+=+=+=+=+  
  
[Exploit]: http://127.0.0.1/path/index.php?productID=[SQL Injection]   
  
  
  
  
[DemO]: http://127.0.0.1/index.php?productID=[SQL Injection]   
  
  
  
===========================================================================================  
[!] Albanian Hacking Crew   
===========================================================================================  
[!] **RoAd_KiLlEr**   
===========================================================================================  
[!] MaiL: sukihack[at]gmail[dot]com  
===========================================================================================  
[!] Greetz To : Ton![w]indowS | X-n3t | b4cKd00r ~ | The|DennY` | EaglE EyE | THE_1NV1S1BL3 & All Albanian/Kosova Hackers   
===========================================================================================  
[!] Spec Th4nks: r0073r | indoushka | Sid3^effects| L0rd CruSad3r | SONIC | MaFFiTeRRoR | All Inj3ct0r.com Members | And All My Friendz  
===========================================================================================  
[!] Red n'black i dress eagle on my chest  
It's good to be an ALBANIAN  
Keep my head up high for that flag I die  
Im proud to be an ALBANIAN  
===========================================================================================  
`