Home / os / win7

Restaurant SQL Injection Vulnerability

Posted on 11 June 2010

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Restaurant SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>======================================
Restaurant SQL Injection Vulnerability
======================================


Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title: Full Site for Restaurant SQL Injection Vulnerability
Vendor url:http://www.mformula.com.br/
Version:n/a
Price:100$
Published: 2010-06-11
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW &amp; AH members.
Spl Greetz to:inj3ct0r.com Team

#####################################################################################################################################################################################################

Description:

* Full Site for Restaurant SQL Injection Vulnerability *

Internal system for total administration of the site, Available site in the languages Portuguese, Espaßol, English, Japanese, French, Italian and German, Unlimited Extra Pages and Sub Pages, Menu OnLine, Unlimited Gallery of Photos Code: PHP 5.0
#######################################################################################################################################################################################################

Vulnerability:

*SQLi Vulnerability

DEMO URL :

http://restaurant.mformula.com.br/?lang=[sqli]

http://restaurant.mformula.com.br/extrapage.php?cat_id=[sqli]

# 0day n0 m0re #

-- 
With R3gards,
L0rd CrusAd3r


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-11]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>

 

TOP

Malware :

Exploits :