System Shop (detail.php) SQL Injection

2010-09-15 13:15:14

# Exploit Title: System Shop SQL Injection - Boutique/detail.php?ID=
# Date: 15.09.2010
# Author: Fatal.001
# Software Link: system-shop
# Version: latest version
# Tested on: XP / Linux
# Dork : boutique/detailles.php?id=

SQL INJECTION
Simple Error Based / Normal SQL Injection in "Boutique/detail.php?ID"

e.g. http://server/Boutique/detail.php?ID= [SQL INJECTION] / columns vary..
e.x. http://www.google.co.ma/search?hl=fr&&sa=X&ei=N56QTK7tOMK88gbbloynDg&ved=0CAUQBSgA&q=boutique/detailles.php%3Fid%3D&spell=1
--------------------------------------------------------------------------------
Greetz to all contact [email protected]
Rachide - badar - achraf - anass - 9asimi - qx9x - the2one - yassine .... ou kamal draré Yassine

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.