T-Dreams Cars Ads Package 2.0 SQL Injection

2010-12-04T00:00:00
ID PACKETSTORM:96376
Type packetstorm
Reporter R4dc0re
Modified 2010-12-04T00:00:00

Description

                                        
                                            `# Author: R4dc0re  
# Exploit Title: T-Dreams Cars Ads Package SQL injection Vulnerability  
# Date: 04-12-2010  
# Vendor or Software Link:http://t-dreams.com  
# Category:WebApp  
#Demo Link:http://t-dreams.com/demo/jobcareerV3  
#Version:2.0  
#Price:31$  
#Contact: R4dc0re@yahoo.fr  
#Website: www.1337db.com  
#Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members   
  
Submit Your Exploit at Submit@1337db.com  
  
########################################################################################  
[Product Detail]  
  
. JPhotos Upload to Database  
  
. Up to 3 images per ad  
  
. Car Makers & Car Models Categories  
  
. Secure Members Area  
  
. Member places many ads  
  
. Web Based Administrating Area  
  
. Easy to register Forms  
  
. Information & Users Privacy  
  
. Easy to merge with existing sites  
  
. MS Access Included  
  
. SQL Upgrading is enabled  
  
. Open Source Code  
  
[Vulnerability]  
  
SQL Injection:  
  
http://t-dreams.com/demo/cars/processview.asp?key=[Code]  
########################################################################################  
  
`