PDQ Script 1.0 - 'listingid' SQL Injection

EDB-ID: 10588
CVE: N/A
Platform: PHP
Date: 2009-12-21


+===================================================================================+
            ./SEC-R1Z   _ __ _  _ _ _ ___ _ _ _ _   __  _ _ _ _ _            
            / /_ _ _ _ /   _ _\/   _ _ /\        \<   |/_ _ _ _ /  
            \ \_ _ _ _/  /___ /  /   __  |  |)   / |  |   /   /
             \_ _ _ _/  /___ /  /  | __ ||      /  |  |  /   /
              _______\  \_ _ \  \2_0_0_9 |      \  |  | /   /____ 
            /_ _ _ _ _\ _ _ _/\ _ _ _ /  |__|\ __\ |__|/_ _ _ _ _\ R.I.P MichaelJackson !!!!!
+===================================================================================+
|                                                                                                                                                
|                                                                                                                                                 
|         PDQ Script 1.0  <==  [listingid] Remote SQL injection vulnerability                                   
|                                                                                                                                                
+===================================================================================+
|                                                                                                                                          
| Author.: Red-D3v1L                                                                                                                
| HoMe : www.sec-r1z.com                                                         
|    ARAB ETHICAL HACKING, PENETRATION TESTING & WEB APPLICATION SECURITY SYSTEM  
+===================================================================================+
|                                                                                                                                             
| Script.: PDQ Script 1.0                                                                                                           
| Home...: http://www.pdqmedia.co.uk/                                                                                       
|                                                                                                                                                 
+-----------------------------------------------------------------------------------                                        
| [+] d0rk:  Powered by PDQ                                                                                                        
                                                                                                                                                   
| [+] Exploit:                                                                                                                               
|     http://server/path/travel_d_details.php?listingid=[1nj3ct c0dE]
|                                                                                                                                            
| [+] Now you see All information Site :D                                         
|                                                                                 
| [+] Enjoy xD                                                                                  
+-----------------------------------------------------------------------------------
 
+===================================================================================+
|                                                                                  
| Greetz: All #sec-r1z memb3rz!!!!                                                 
|                                                                                   
+===================================================================================+
E0D|F
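
A defender-side check for the parameter named above, as an added example that is not part of the original advisory: it scans web access logs for requests to travel_d_details.php whose listingid value is not a plain integer. The combined log format, the sample lines, and the assumption that listing ids are short positive integers are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); not from a real server.
SAMPLE_LOG = """\
198.51.100.7 - - [21/Dec/2009:10:00:01 +0000] "GET /travel_d_details.php?listingid=42 HTTP/1.1" 200 5120
198.51.100.9 - - [21/Dec/2009:10:00:05 +0000] "GET /travel_d_details.php?listingid=42%27 HTTP/1.1" 200 312
198.51.100.9 - - [21/Dec/2009:10:00:09 +0000] "GET /travel_d_details.php?listingid=42%20AND%201%3D1 HTTP/1.1" 200 5120
203.0.113.4 - - [21/Dec/2009:10:01:00 +0000] "GET /index.php?page=2 HTTP/1.1" 200 900
203.0.113.4 - - [21/Dec/2009:10:01:03 +0000] "GET /path/travel_d_details.php?listingid= HTTP/1.1" 200 100
"""

# Client address and request target from a common/combined log line.
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')
TARGET_SCRIPT = "travel_d_details.php"  # script named in the advisory
PARAM = "listingid"                     # parameter named in the advisory
VALID_ID = re.compile(r"[0-9]{1,10}")   # assumption: ids are short positive integers


def suspicious_requests(log_text):
    """Return (client_ip, decoded_value) for each listingid that is not a plain integer."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable request line
        client, target = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/" + TARGET_SCRIPT):
            continue  # some other script
        # parse_qs percent-decodes values; keep_blank_values reports an empty id too.
        values = parse_qs(url.query, keep_blank_values=True).get(PARAM, [])
        for value in values:
            if not VALID_ID.fullmatch(value):
                hits.append((client, value))
    return hits


if __name__ == "__main__":
    for client, value in suspicious_requests(SAMPLE_LOG):
        print(f"{client}\t{PARAM}={value!r}")
```

Only values carried in the query string are visible to this check; ids submitted in a request body do not appear in a standard access log.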