[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

e107 Plugin ZoGo-Shop 1.15.4 (product) SQL Injection Vulnerability

Author
NoGe
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4222
Category
web applications
Date add
22-11-2008
Platform
unsorted
==================================================================
e107 Plugin ZoGo-Shop 1.15.4 (product) SQL Injection Vulnerability
==================================================================


=========================================================================================


  [o] ZoGo-Shop e107 plugins 1.15.4 SQL Injection Vulnerability

       Software : ZoGo-Shop plugin version 1.15.4
       Vendor   : http://e107.org/
       Download : http://plugins.e107.org/e107_plugins/psilo/psilo.php?artifact.89
       Author   : NoGe


=========================================================================================


  [o] Vulnerable file

       e107_plugins/zogo-shop/product_details.php

        $product_ID=$_GET["product"];



  [o] Exploit

       http://localhost/[path]/e107_plugins/zogo-shop/product_details.php?product=[SQL]



  [o] Dork

       "Powered by ZoGo-Shop" or "e107_plugins/zogo-shop/product_details.php"


=========================================================================================



#  0day.today [2024-12-24]  #