Greeting card v1.1 SQL Injection Vulnerability

2010-06-22 10:02:45

========================================
Grering card SQL Injection Vulnerability
========================================


# Title : Greetring card SQL Injection Vulnerability
# Author : Net.Edit0r
# Location : Iran
# Dork : "Send amazing greetings to your friends and relative!"
# Category : webapps
# Version : 1.1
# Platform : linux/php


[~]######################################### InformatioN
#############################################[~]

[~] Title : Grering card SQL Injection Vulnerability
[~] Author : Net.Edit0r
[~] Email : [email protected] ~ [email protected]

[~]######################################### ExploiT
#############################################[~]

[~] 1. Vulnerable File :

http://127.0.0.1/search.php?CategoryID=15&SubcategoryID=[SQL]

[~] 2. Vulnerable File :

http://127.0.0.1/search.php?CategoryID=6[SQL]

[~] 3. Vulnerable File :

http://127.0.0.1/news.php?CategoryID=[SQL]

[~] 3. Demo :

http://server/search.php?CategoryID=15&SubcategoryID=60'

[~]######################################### ThankS To ...
############################################[~]

[~] Special Thanks To My Best FriendS :

NetQard , B3hz4d , Raiden , ~[ CriMe ]~ ,

Fixes

No fixes

In order to submit a new fix you need to be registered.