BoutikOne suffers from a remote SQL injection vulnerability.
71665c77665bc844ad0a33546e46b35c83a158366046156e811ebcfc543c4eb8 ________ _____________ / /_
/ ___/ _ \/ ___/ ___/ _ \/ __/
(__ ) __/ /__/ / / __/ /_
/____/\___/\___/_/ \___/\__/
#####################################################################
# Exploit Title: BoutikOne® v1 (list.php) SQL Injection Vulnerabilitie
# Date: 19/09/2010
# Author: BrOx-Dz
# Author: E.dz@hotmail.fr
# Software Link: http://www.boutikone.com/
# Dork : Powered by BoutikOne®
# Version: BoutikOne®
# Tested on: windows xp pack 3
#####################################################################
----------------------------------------------------------------------------
#e.g :
http://server/patch/list.php?lang=1&path=50&num=38&action=n&sort=Id&page=0[sql]
#demo :
http://www.site.com/list.php?lang=1&path=42&num=13&action=n&sort=Id&page=0'
----------------------------------------------------------------------------
greatez:
lagripe-dz mca_crb amine halim all dz members.
www.sec4ever.com / www.v4-team.com/cc/ / www.h4ckforu.com/vb/.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed