- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 13930
- Проверка EDB
-
- Пройдено
- Автор
- L0RD CRUSAD3R
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2010-06-18
Код:
Author: L0rd CrusAd3r aka VSN [[email protected]]
Exploit Title:Shopping Cart Script with Affiliate Program SQL Injection
Vendor url:http://www.yourfreeworld.com
Version:n/a
Price:399$
Published: 2010-06-19
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to
all ICW members.
Spl Greetz to:inj3ct0r.com Team, Andhra hackers.com
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:
Whether you want to sell digital or physical products, this fully featured
shopping cart script is the perfect solution for managing your business.
With a simple, straightforward administration area, you can add as many
categories and products as you wish, view pending order, past orders, and
email customers. But even better, you can attract affiliates to promote your
online store, and make either a percentage commission or flat rate
commission per sale down to 3 levels as preferred. Emailing affiliates is as
simple as clicking a few buttons, and typing in your message. This quality
script includes built-in product search capability to enable your customers
to find exactly what they're looking for quick smart, and shows featured
products with associated images. You can even offer up to 5 merchant
programs for the convenience of your shoppers. Truly a jam packed script
with many attractive features that you should check out today!
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Vulnerability:
*SQLi Vulnerability
DEMO URL :
http://server/shopcart/index.php?c=[sql]
# 0day n0 m0re #
# L0rd CrusAd3r #
- Источник
- www.exploit-db.com