Lucene search

K
packetstormL0rd CrusAd3rPACKETSTORM:90609
HistoryJun 14, 2010 - 12:00 a.m.

Site To Store Automobile - Motorcycle - Boat SQL Injection

2010-06-1400:00:00
L0rd CrusAd3r
packetstormsecurity.com
17
`Author: L0rd CrusAd3r aka VSN [[email protected]]  
Exploit Title: Site to Store Automobile - Motorcycle - Boat SQL Injection Vulnerability  
Vendor url:http://www.mformula.com.br/  
Version:n/a  
Price:100$  
Published: 2010-06-11  
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW & AH members.  
Spl Greetz to:inj3ct0r.com Team  
  
#####################################################################################################################################################################################################  
  
Description:  
  
* Site to Store Automobile - Motorcycle - Boat SQL Injection Vulnerability *  
  
Resources and Advantages  
Better cost-benefit of the market  
Internal system for total administration of the site  
Available site in the languages Portuguese, EspaΓ±ol, English and Japanese  
Property Management  
Management Clients  
Support for Sale and Rent  
Unlimited Publication of Photos for Property  
RSS/XML feed  
Optimization in search engines  
SiteMap Google, Yahoo and Bing  
Supported to any type of personalized option (Color, Size, Type, etc)  
Personalization of the layout, colors and texts of the site in agreement your mark  
Reports detailed on the site  
Support via HelpDesk integrated in the Administration of your site   
#######################################################################################################################################################################################################  
  
Vulnerability:  
  
*SQLi Vulnerability  
  
DEMO URL :  
  
http://automotoboatshop.mformula.com.br/products_view.php?id=[sqli]  
  
# 0day n0 m0re #  
  
`