Top Sites Script SQL Injection Vulnerability



EDB-ID: 13976 CVE: N/A OSVDB-ID: 65664
Author: L0rd CrusAd3r Published: 2010-06-22 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
1               ##########################################             1
0               I'm L0rd CrusAd3r member from Inj3ct0r Team            1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title:Top Sites SQL Vulnerable 
Vendor url:http://getaphpsite.com
Version:1
Price:20$
Published: 2010-06-22
Greetz to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, M4n0j, Sonic Bluehat.
Special Greetz: Topsecure.net, inj3ct0r Team , Andhrahackers.com
Shoutzz:- To all ICW members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:

The topsite website allows visitors to search for the top rated websites participating in the topsite program. Webmasters can list their sites for free and in return they will receive code for their website. After a webmaster has registered, s/he will be able to select the category that best describes his/her website, add a Description and copy and paste the code for their website. Statistics are provided for each website 

~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~

Vulnerability:

*SQLi Vulnerability

DEMO URL :

http://server/topsites/category.php?cat=[sqli]

# 0day n0 m0re #
# L0rd CrusAd3r #