Scripts Feed Business Directory SQL Injection Vulnerability



EDB-ID: 11592 CVE: 2010-1092 OSVDB-ID: 62626
Author: Crux Published: 2010-02-27 Verified: Not Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
==============================================================================
    [~] Scripts Feed Business Directory SQL Injection Vulnerability
==============================================================================
    [+] My home          [ http://hack-tech.com ]
    [+] Date Submitted:  [ February 27 2010 ]
    [+] Founder:         [ Crux ]
    [+] Vendor:          [ Scriptsfeed ]
    [+] Version:         [ ALL ]
    [+] Download:        [ http://www.scriptsfeed.com/business-directory.html ]


[ EXPLOIT ]
- This vulnerability affects login.php
-The POST variables 'us' and 'ps' are vulnerable.

[ ATTACK DETAILS ]
us=user&ps=${SQLINJECTIONHERE}&s1=LOGIN

==============================================================================