[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

I-net Enquiry management Script SQL Injection Vulnerability

Author
D4rk357
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-13321
Category
web applications
Date add
13-07-2010
Platform
php
===========================================================
I-net Enquiry management Script SQL Injection Vulnerability
===========================================================


Name : I-net Enquiry management  Script SQL Injection Vulnerability
Date : july 13, 2010
Critical Level     : HIGH
Vendor Url : http://www.i-netsolution.com/
Author : D4rk357 D4rk357[at]yahoo][dot]in
special thanks to : b0nd, Fbih2s,rockey killer,The empty(), punter,eberly,prashant
greetz to :http://www.garage4hackers.com/forum.php , h4ck3r.in and  all ICW members
#####################################################################################
Description :I-Net Enquiry Management This application is boon for people finding difficult
ies in managing their Incoming Enquiries from various sources and their replies to them.
 Enquires are the source of Growing business in any areas of life. Be it a small business
or a Big enterprise, effective handling of the generated enquires leads to new business
and New sales. Our Research shows that there is a huge market / need for such application
which can manage the business enquires and handle them effectively. Companies are making
huge losses as their enquires go unattended or not properly responded. Our IEM takes care
of the complete requirement and provides Total solution for such need from any quarter of
business segment. The specifications are as under: The enquiry management system is a web
based application using latest PHP technologies and MYSQL database. 
########################################################################
Exploit:SQLi Injection
 I-net Enquiry mannagement  Script has sql injection vulnerability
 
DEMO URL :http://<server>/Products/order_management/viewaddedenquiry.php?id=[SQli]
 
###############################################
#When you really want something the whole uniververse consipres for you to achieve it :Paulo Coelho
#D4rk357



#  0day.today [2024-12-25]  #