34 lines
1,001 B
Text
34 lines
1,001 B
Text
_____ ______ _____ _____ ______ _______
|
|
/ ____| ____/ ____| __ \| ____|__ __|
|
|
| (___ | |__ | | | |__) | |__ | |
|
|
\___ \| __|| | | _ /| __| | |
|
|
____) | |___| |____| | \ \| |____ | |
|
|
|_____/|______\_____|_| \_\______| |_|
|
|
|
|
|
|
# Exploit Title: System Shop SQL Injection - Module aktkat=
|
|
# Date: 12.09.2010
|
|
# Author: secret
|
|
# Software Link: www.system-shop.at
|
|
# Version: latest version
|
|
# Tested on: XP / Linux
|
|
|
|
#Dorks : inurl:"aktkat" / "Powered by System Shop" / "System Shop" site:at
|
|
|
|
SQL Injection :
|
|
===========================================================================================
|
|
|
|
Simple Error Based / Normal SQL Injection in "aktkat="
|
|
|
|
e.g. http://server/kn.php?aktkat=16 [SQL INJECTION] / columns vary..
|
|
|
|
NOT FIXED - 12.09.2010
|
|
|
|
--------------------------------------------------------------------------------
|
|
|
|
Greetz to all brothers & sisters who are fighting for freedom in IRAN...
|
|
|
|
خدا شما کمک خواهد کرد
|
|
|
|
contact : secret_hf@hotmail.com
|
|
|