Store Automobile - Motorcycle - Boat SQL Injection Vulnerabi
Posted on 11 June 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Store Automobile - Motorcycle - Boat SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>================================================================ Store Automobile - Motorcycle - Boat SQL Injection Vulnerability ================================================================ Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com] Exploit Title: Site to Store Automobile - Motorcycle - Boat? SQL Injection Vulnerability Vendor url:http://www.mformula.com.br/ Version:n/a Price:100$ Published: 2010-06-11 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW & AH members. Spl Greetz to:inj3ct0r.com Team ##################################################################################################################################################################################################### Description: * Site to Store Automobile - Motorcycle - Boat? SQL Injection Vulnerability * Resources and Advantages Better cost-benefit of the market Internal system for total administration of the site Available site in the languages Portuguese, Espaßol, English and Japanese Property Management Management Clients Support for Sale and Rent Unlimited Publication of Photos for Property RSS/XML feed Optimization in search engines SiteMap Google, Yahoo and Bing Supported to any type of personalized option (Color, Size, Type, etc) Personalization of the layout, colors and texts of the site in agreement your mark Reports detailed on the site Support via HelpDesk integrated in the Administration of your site ####################################################################################################################################################################################################### Vulnerability: *SQLi Vulnerability DEMO URL : http://automotoboatshop.mformula.com.br/products_view.php?id=[sqli] # 0day n0 m0re # # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-11]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
