Just Dial Clone Script SQL Injection

2016-10-06T00:00:00
ID PACKETSTORM:139009
Type packetstorm
Reporter OoN_Boy
Modified 2016-10-06T00:00:00

Description

                                        
                                            `[x]========================================================================================================================================[x]  
| Title : Just Dial Clone Script SQL & XSS Vulnerabilities  
| Software : Just Dial Clone  
| Vendor : http://www.i-netsolution.com/  
| Demo : http://www.i-netsolution.com/item/just-dial-clone/live_demo/423618  
| Date : 06 October 2016  
| Author : OoN_Boy  
[x]========================================================================================================================================[x]  
  
  
  
[x]========================================================================================================================================[x]  
| Technology : PHP  
| Database : MySQL  
| Price : $ 299  
| Description : If you wish to launch your own business directory website, we have a readymade solution for you which supports unlimited  
categories, uses and secure code. Our Company Catalogue Listing Script is just the right script for you  
[x]========================================================================================================================================[x]  
  
  
[x]========================================================================================================================================[x]  
| Exploit : http://localhost/jus/restaurants-details.php?fid=%Inject_Here%21  
| Admin Page : http://localhost/[path]/admin/index.php   
[x]========================================================================================================================================[x]  
  
  
  
[x]========================================================================================================================================[x]  
| Proof of concept SQL : http://localhost/jus/restaurants-details.php?fid=%Inject_Here%21  
[x]========================================================================================================================================[x]  
  
[x]========================================================================================================================================[x]  
| Greetz : antisecurity.org batamhacker.or.id  
| Vrs-hCk NoGe Jack zxvf Angela h4ntu reel dono Zhang aJe H312Y yooogy mousekill }^-^{ martfella noname s4va  
| k1tk4t str0ke kaka11 ^s0n g0ku^ Joe Chawanua Ntc xx_user s3t4n IrcMafia em|nem Pandoe Ronny rere  
[x]========================================================================================================================================[x]  
  
[x]========================================================================================================================================[x]  
| Hi All long time no see ^_^  
[x]========================================================================================================================================[x]  
`