44 lines
No EOL
1.9 KiB
Text
44 lines
No EOL
1.9 KiB
Text
) ) ) ( ( ( ( ( ) )
|
|
( /(( /( ( ( /( ( ( ( )\ ))\ ) )\ ))\ ) )\ ) ( /( ( /(
|
|
)\())\()))\ ) )\()) )\ )\ )\ (()/(()/( ( (()/(()/((()/( )\()) )\())
|
|
((_)((_)\(()/( ((_)((((_)( (((_)(((_)( /(_))(_)) )\ /(_))(_))/(_))(_)\|((_)\
|
|
__ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_)) _((_)_ ((_)
|
|
\ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \| \| __| _ \ | |_ _|| \| | |/ /
|
|
\ V / (_) || (_ |\ V / / _ \ | (__ / _ \ | /| |) | _|| / |__ | | | .` | ' <
|
|
|_| \___/ \___| |_| /_/ \_\ \___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\
|
|
.WEB.ID
|
|
-----------------------------------------------------------------------
|
|
Joomla Component com_redshop 1.0 (pid) SQL Injection Vulnerability
|
|
-----------------------------------------------------------------------
|
|
Author : v3n0m
|
|
Site : http://yogyacarderlink.web.id/
|
|
Date : July, 10-2010
|
|
Location : Jakarta, Indonesia
|
|
Time Zone : GMT +7:00
|
|
----------------------------------------------------------------
|
|
|
|
Affected software description:
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Application : redSHOP
|
|
Version : 1.0 Lower versions may also be affected
|
|
Vendor : http://www.redcomponent.com/
|
|
License : GPL
|
|
Google Dork : inurl:com_redshop
|
|
Description :
|
|
|
|
redSHOP is a Content Creation Kit style of webshop / webshop tool where
|
|
you got the most access ever given to any user to completely style around
|
|
and change thier webshop, without alot more knowledge then HTML and a bit of CSS.
|
|
----------------------------------------------------------------
|
|
|
|
Poc:
|
|
~~~~~~~
|
|
|
|
http://127.0.0.1/[path]/index.php?option=com_redshop&view=product&pid=[SQLi]
|
|
|
|
----------------------------------------------------------------
|
|
|
|
WWW.YOGYACARDERLINK.WEB.ID | v3n0m666[at]live[dot]com
|
|
|
|
---------------------------[EOF]-------------------------------- |