[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : 2DayBiz Multiple SQL Injection
# Published : 2010-06-25
# Author : Sangteamtham
# Previous Title : Allomani Songs & Clips Script v2.7.0 - [CSRF] Add Admin Account
# Next Title : 2DayBiz Matrimonial Script SQL Injection and Cross Site Scripting
$-------------------------------------------------------------------------------------------------------------------
$ 2daybiz custom T-shirt SQL Injection and Cross Site Scripting
Vulnerabilities
$ Author : Sangteamtham
$ Home : Hcegroup.net
$ Download :http://www.2daybiz.com/customt-shirt_designscript.html
$ Date :06/25/2010
$
$******************************************************************************************
$Exploit:
$
$ 1.SQL injection:
$
$ http://server/products_details.php?sbid=[id number]
$ http://server/products/products.php?pid=[id number]
$ http://server/designview.php?designid=[id number]
$
$
$
$
$******************************************************************************************
$ Greetz to: All Vietnamese hackers and Hackers out there researching for
more security
$
$
$--------------------------------------------------------------------------------------------------------------------