Offerings from identity.net.au appear to suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
9d2b322ca0da60c2b5e188c1b11e40334906f2e57061c75eb61055d5fd9838f9################################################################
----------------------------------------------------------------
Identity SQL Injection Vulnerability
----------------------------------------------------------------
################################################################
# Exploit Title : Identity SQL Injection Vulnerability
# Author : Hack Center Security Team
# Discovered By : Net.W0lf
# Software Link : [ www.identity.net.au ]
# Date : 9/16/2012
# E-Mail : Bl4ck.intell@gmail.com & Net-W0lf@att.net
# DorK : " Site by Identity "
################################################################
----------------------------------------------------------------
+-----------------------+
| SQL Injection |
+-----------------------+
Expl0!T :
[TargeT]product_details.asp?pid=[SQl]
D3m0:
www.choitime.com/product_details.asp?pid='225
Greets To :
| Am!r | B3HZ4D | All Members 0f Hack-Center
===========================================# End #=============================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed