# Ariko-Security: Security Audits , Audyt bezpieczenstwa
# Advisory: 717/2010
| ####################################### |
| # Concept E-commerce SQL Injection Vulnerability |
| ####################################### |
| # Vendor : http://www.conceptinternetltd.com/ecommerce.php |
| http://www.conceptinternetltd.com/brochure.php |
| # Software : ubuntu 10.04 |
| # Date : 31/07/2010 |
| # by : gendenk |
| # Site : http://jatimcrew.org |
| # Dork intext : "Website by conceptinternetltd" |
| # Exploit : [site]/product_list.php?id=[SQL Injection] |
| # Exploit : [site]/news.php?id==[SQL Injection] |
| ####################################### |
| # Demo |
| # http://localhost/product_desc.php?id=979 [SQL Injection] |
| # Demo: |
| # http://localhost/news.php?id=[SQL Injection] |
| ####################################### |
| Dedicated For : Sekuritionline, Jatimcrew and Hacbox Crew |
| Life is challanging, the fear of challanges, causing you for backwardness..Facing for the bright future.. |
| #Thanks to : |
| ALLAH SWT dan Nabi Muhammad SAW, BAPAK Koe dan Almarhum Ibu Koe.... |
| Cyberlog, Cr4wl3r, Byz9991, Darkavanger, Newbie_Campuz,Unixcode,Bom2stalker, Phoenixhaxor, Xcyberx, Shamus and MAMA Sri Rahayu [ istri cyberlog ] Semoga Cepet Sembuh.. |