2DayBiz Multiple SQL Injection



EDB-ID: 14048 CVE: 2010-2691 OSVDB-ID: 65824
Author: Sangteamtham Published: 2010-06-25 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
$-------------------------------------------------------------------------------------------------------------------
$ 2daybiz custom T-shirt SQL Injection and Cross Site Scripting
Vulnerabilities
$ Author : Sangteamtham
$ Home : Hcegroup.net
$ Download :http://www.2daybiz.com/customt-shirt_designscript.html
$ Date :06/25/2010
$
$******************************************************************************************
$Exploit:
$
$ 1.SQL injection:
$
$ http://server/products_details.php?sbid=[id number]
$ http://server/products/products.php?pid=[id number]
$ http://server/designview.php?designid=[id number]
$
$
$
$
$******************************************************************************************
$ Greetz to: All Vietnamese hackers and Hackers out there researching for
more security
$
$
$--------------------------------------------------------------------------------------------------------------------