[] NeoSense
E X P L O I T S
title author type platform port cve id

ARASTAR - SQL Injection

Author: TH3_N3RD
type: webapps
platform: php
port: 
date_added: 2011-11-19 
date_updated: 2011-11-19 
verified: 0 
codes: OSVDB-77473 
tags: 
aliases:  
screenshot_url:  
application_url: 
+#######+
|[o] ID |
+#######+
[+] Title              :  ARASTAR SQL Injection Vulnerability
[+] Affected Version   :  ALL VERSIONS
[+] Software Link      :  http://ara-star.com/art.php?ID=172
[+] Tested on          :  Windows XP SP2 <CHROME + FIREFOX>
[+] Date               :  18/11/2011
[+] Dork               :  inurl:'.co.il/Cat.php?ID=' intext:"POWERED BY ARASTAR"
[+] Category           :  Content Management
[+] Severity           :  High
[+] Author             :  TH3_N3RD
[+] Follow on FB       :  https://www.facebook.com/TH3xN3RD

+############+
|[o] EXPLOIT |
+############+
[+] http://[website]/cat.php?ID=[SQLi]
[+] ADMINISTRATION PATH : http://[website]/admin-aps
+#########+
|[o] PoC  |
+#########+
[+] It Depends On The Column Count Of The Script Version /.-

+------------+
|[o] Greet'z |
+------------+
[+] To : #MY MIND# [&] VERGEIRAS [&] ALL THE MOROCCAN HAX0R'z
@`d0n3\-
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.