LFI to RCE via access_log injection

ZoGo-Shop e107 plugin 1.15.4 - SQL Injection Vulnerability


[o] ZoGo-Shop e107 plugin 1.15.4 SQL Injection Vulnerability

Software : ZoGo-Shop plugins version 1.15.4
Vendor : http://e107.org/
Download : http://plugins.e107.org/e107_plugins/psilo/psilo.php?artifact.89
Author : NoGe


[o] Vulnerable file
e107_plugins/zogo-shop/product_details.php
$product_ID=$_GET["product"];
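The line above takes the product id straight from the query string and passes it into the database layer without validation, which is the root cause of the injection. The following is an added example, not code from the advisory or from the ZoGo-Shop/e107 project: it puts that unsafe pattern beside a hardened version that enforces an integer type and binds the value as a query parameter. The mysqli connection, the table name `zogo_products` and the column `product_id` are assumptions for illustration only.

```php
<?php
// Added example, not part of the original advisory or the ZoGo-Shop plugin.
// Assumptions: a mysqli connection in $db, a table zogo_products with an
// integer column product_id. Both functions receive the request array so
// they can be exercised without a live web server.

// Vulnerable pattern, equivalent to the quoted product_details.php line:
// the raw GET value is concatenated into the SQL text, so anything that is
// not a plain number changes the structure of the query itself.
function lookup_product_vulnerable(mysqli $db, array $get): ?array
{
    $product_ID = $get["product"];
    $sql = "SELECT * FROM zogo_products WHERE product_id = " . $product_ID;
    $res = $db->query($sql);
    return $res ? ($res->fetch_assoc() ?: null) : null;
}

// Hardened version: reject anything that is not a decimal integer, cast it,
// and pass it as a bound parameter. The database receives the id as data,
// never as part of the SQL grammar, so the injection class is closed even if
// the validation were later relaxed.
function lookup_product_hardened(mysqli $db, array $get): ?array
{
    if (!isset($get["product"]) || !ctype_digit((string) $get["product"])) {
        // Malformed id: fail closed. Logging this is also a cheap detection
        // signal, since legitimate links only ever carry numeric ids.
        error_log("product_details: rejected non-numeric product parameter");
        http_response_code(400);
        return null;
    }

    $product_ID = (int) $get["product"];
    $stmt = $db->prepare("SELECT * FROM zogo_products WHERE product_id = ?");
    if ($stmt === false) {
        return null;
    }
    $stmt->bind_param("i", $product_ID);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}
```

The type check alone (`ctype_digit` plus the `(int)` cast) would already neutralise this particular parameter, but the prepared statement is the part that generalises: it protects string parameters too, and it keeps the query safe if someone later removes or weakens the validation. Rejecting non-numeric values with a 400 also gives the web server log a clean indicator, since any request for `product_details.php` whose `product` argument is not purely numeric is either a broken link or probing.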


[o] Exploit
http://localhost/[path]/e107_plugins/zogo-shop/product_details.php?product=[SQL]


[o] Dork
"Powered by ZoGo-Shop" or "e107_plugins/zogo-shop/product_details.php"


Comments

labatterie said…
I’m about the seem for such details.