FreznoShop 1.3.0 - SQL Injection Vuln


[o] FreznoShop 1.3.0 SQL Injection Vulnerability

Software : FreznoShop version 1.3.0
Vendor : http://sourceforge.net/projects/freznoshop/
Download : http://sourceforge.net/project/platformdownload.php?group_id=86090
Author : NoGe


[o] Vulnerable file
product_details.php


[o] Exploit
http://localhost/[path]/product_details.php?id=[SQL]


[o] Dork
"Powered by FreznoShop"

