Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CPA Lead Script SQL Injection

🗓️ 18 May 2010 00:00:00Reported by R3d-D3v!LType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 21 Views

SQL Injection vulnerability in CPA Lead Script by www.v-eva.com (14.Jan.2010, 05:15 am GMT

Code
`  
  
  
######################{In The Name Of Allah The Mercifull} ######################  
  
[~] Tybe: SQL Injection Vulnerabilities   
[~] Vendor: www.v-eva.com   
[+] Software: CPA Lead Script   
[+] author: ((R3d-D3v!L))   
[~]   
[+] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY ---->((4.!.5))   
[~]   
[?] contact: X[at]hotmail.co.jp   
[-]   
[?] Date: 14.Jan.2010   
[?] T!ME: 05:15 am GMT   
[?] Home: © Offensive Security   
[?]   
  
======================================================================================   
# SQL Injection # contact.php id  
======================================================================================   
[*] Err0r C0N50L3:   
http://127.0.0.1/contact.php?id={EV!L EXPLO!T}   
  
[*] prove of concept  
  
  
when you put ' after id num you can see the page is changed   
  
  
  
and when you put {order+by+1} after id you can see the normal page  
  
  
the order is accepted so the script is infected.  
  
[~]-----------------------------{((MAGOUSH-87))}------------------------------------------------#   
#   
[~] Greetz tO: [dolly &MERNA &DEV!L_MODY &po!S!ON Sc0rp!0N &JASM!N &MARWA & mAG0ush-1987] #   
#   
[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ #   
#   
[~] spechial thanks : ((HITLER JEDDAH & S!R TOTT! & DR.DAShER)) #   
#   
[?]spechial SupP0RT : MY M!ND # © Offensive Security #   
#   
[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L<--M2Z--->JUPA<---aNd--->Devil ro0t)) #   
#   
[~]spechial FR!ND: 0r45hy #   
#   
[~] !'M 4R48!4N 3XPL0!73R. #   
#   
[~]{[(D!R 4ll 0R D!E)]}; #   
#   
[~]---------------------------------------------------------------------------------------------  
  
_________________________________________________________________  
Hotmail: Powerful Free email with security by Microsoft.  
https://signup.live.com/signup.aspx?id=60969  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
18 May 2010 00:00Current
0.6Low risk
Vulners AI Score0.6
sql injectioncpa lead scriptwww.v-eva.comr3d-d3v!larab!an !nformat!on secur!tycontact.phpev!l explo!tmagoush-87dollymernadev!l_modypo!s!on sc0rp!0njasm!nmarwamag0ush-1987lam3rzhitler jeddahs!r tott!dr.dasher4r48!4n.!nforma7!0n.53cur!7yr3d d3v!lm2zjupadevil ro0t0r45hy
21