T-Dreams Articles and Papers Package version 2.0 suffers from a remote SQL injection vulnerability.
f4bf32fb4a351c3958585bb1e18071ae5bcf08fee67cf171594dd5b25041d434
# Author: R4dc0re
# Exploit Title: T-Dreams Articles & Papers Package SQL injection Vulnerability
# Date: 04-12-2010
# Vendor or Software Link:http://t-dreams.com
# Category:WebApp
#Demo Link:http://t-dreams.com/demo/papers/
#Version:2.0
#Price:115$
#Contact: R4dc0re@yahoo.fr
#Website: www.1337db.com
#Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members
Submit Your Exploit at Submit@1337db.com
########################################################################################
[Product Detail]
Full and ready to use ASP Script (yet simple solution) that enables you of having a site for Articles or Papers.
Where users can submit their articles (according to the categories you specify).
Users can search and view articles... and a lot of features.
[Vulnerability]
SQL Injection:
http://t-dreams.com/demo/papers/ArticlesTablelist.asp?order=[Code]
########################################################################################