Penny Auction 5 - SQL Injection Vulnerabilities [Anonymoused]

2013-12-16 23:05:02

##################################################################################
_____ _ _ _ _____
| __ \ | | | | (_) / ____|
| |__) |_____ _____ | |_ _| |_ _ ___ _ __ | (___ ___ ___
| _ // _ \ \ / / _ \| | | | | __| |/ _ \| '_ \ \___ \ / _ \/ __|
| | \ \ __/\ V / (_) | | |_| | |_| | (_) | | | | ____) | __/ (__
|_| \_\___| \_/ \___/|_|\__,_|\__|_|\___/|_| |_| |_____/ \___|\___|

##################################################################################
Penny auction version - 5, SQLi Vulnerabilities
Product Page: http://www.auctionwebsitescript.com/penny_auction_v5.html
Script Demo: http://pennyauction-ver5.auctionwebsitescript.com

Author(Pentester): 3spi0n
On Web: RevolutionSec.Com - Janissaries.Org
On Social: Twitter.Com/eyyamgudeer
##################################################################################

[1] SQL Injection Vulnerabilities on Demo Site

[+] (index.php, show Param)
>>> [url]/index.php?show=product_penny&id='89

Fixes

No fixes

In order to submit a new fix you need to be registered.