Free Advertisement CMS suffers from a remote SQL injection vulnerability.
657c9d92482a6e956562b4c1fc4f6cb9ecbde87f0941ce3585d81dd9cb417144
=========================================================
Free Advertisment cms (user_info.php) SQL Injection Vulnerability
=========================================================
##########################################
# Name: Free Advertisment cms (user_info.php) SQL Injection Vulnerability
# Date: 2010-05-11
# vendor: http://www.laserayaneh.com
# Author: Ashiyane Digital Security Team
# Thanks to: khodam :P, Satanic2000,Veron, ... And All Ashiyane Members ...
# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
# Home: www.Ashiyane.org
##########################################
[+] Dork: " inurl: user_info.php?user_id= " Or " inurl: index.php?catid= "
[+] Vulnerability:
www.site.com/[path]/user_info.php?user_id=[SQLi]
www.site.com/[path]/index.php?catid=[SQLi]
[+] Live Demo:
http://www.tanit.ir/user_info.php?user_id=[SQLi]
http://www.rahnema.com/index.php?catid=[SQLi]
##########################################
_________________________________________________________________
Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
https://signup.live.com/signup.aspx?id=60969
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed