Netartmedia iBoutique.MALL - SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1060580 漏洞类型
发布时间 2010-06-28 更新时间 2010-06-28
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/14094
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
Name : Netartmedia iBoutique.MALL SQLi Vulnerability
Date : june, 28 2010
Critical Level     : HIGH
Vendor Url : http://www.netartmedia.net/mall/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_,Sn!pEr.S!Te,n4pst3rr
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
iBoutique.MALL is a powerful and flexible multi merchants php mall solution. It makes possible for the merchants to signup and create their

online stores with ease. They could start selling their good within minutes without having any html knowledge. iBoutique.MALL offers a lot of

useful functionalities for both merchants (to manage their product inventory and payments, invoice generation, statistics, ...) and

administrators, to control the whole system
###############################################################################################################

Xploit: SQLi VUlnerability

 
DEMO URL : http://server/path/index.php?mod=products&cat=[sqli]

###############################################################################################################
# 0day no more
# Sid3^effects