System Shop (Module aktka) SQL Injection Vulnerability

2010-09-12T00:00:00
ID 1337DAY-ID-13992
Type zdt
Reporter secret
Modified 2010-09-12T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ======================================================
System Shop (Module aktka) SQL Injection Vulnerability
======================================================

# Exploit Title: System Shop SQL Injection - Module aktkat=
# Date: 12.09.2010
# Author: secret
# Software Link: www.system-shop.at
# Version: latest version
# Tested on: XP / Linux
 
#Dorks : inurl:"aktkat"  / "Powered by System Shop" / "System Shop" site:at
 
SQL Injection :
=========================================================================================== 
 
Simple Error Based / Normal SQL Injection in "aktkat="
 
e.g. http://server/kn.php?aktkat=16 [SQL INJECTION] / columns vary..
 
NOT FIXED - 12.09.2010
 
--------------------------------------------------------------------------------
 
Greetz to all brothers & sisters who are fighting for freedom in IRAN...



#  0day.today [2018-03-03]  #