BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
phpShop <= v 0.8.1 Remote SQL injection / Filter Bypass Feb 02 2008 03:52PM
theredc0ders gmail com
Vendor : PHPShop

Webiste : http://www.phpshop.org

Version : v0.8.1

Author: the redc0ders / theredc0ders[at]gmail[dot]com

Condition: magic_quote_gpc = off , in php.ini setting

Details :

==========

Vulnerable Code in index.php near lines 98 - 128

[code]

// basic SQL inject detectio...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus