Full Site For Restaurant SQL Injection

2010-06-14T00:00:00
ID PACKETSTORM:90605
Type packetstorm
Reporter L0rd CrusAd3r
Modified 2010-06-14T00:00:00

Description

                                        
                                            `Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]  
Exploit Title: Full Site for Restaurant SQL Injection Vulnerability  
Vendor url:http://www.mformula.com.br/  
Version:n/a  
Price:100$  
Published: 2010-06-11  
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW & AH members.  
Spl Greetz to:inj3ct0r.com Team  
  
#####################################################################################################################################################################################################  
  
Description:  
  
* Full Site for Restaurant SQL Injection Vulnerability *  
  
Internal system for total administration of the site, Available site in the languages Portuguese, Español, English, Japanese, French, Italian and German, Unlimited Extra Pages and Sub Pages, Menu OnLine, Unlimited Gallery of Photos Code: PHP 5.0   
#######################################################################################################################################################################################################  
  
Vulnerability:  
  
*SQLi Vulnerability  
  
DEMO URL :  
  
http://restaurant.mformula.com.br/?lang=[sqli]  
  
http://restaurant.mformula.com.br/extrapage.php?cat_id=[sqli]  
  
# 0day n0 m0re #  
  
`