Name :Kayako eSupport v3.70.02 SQL Injection Vulnerability
Date : july 17,2010
Critical Level : HIGH
vendor URL :http://www.kayako.com/solutions/esupport/
google dork:Help Desk Software by Kayako SupportSuite v3.70.02
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_,SeeMe,RoadKiller
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
eSupport incorporates Kayako's leading ticket and e-mail management support desk software, including knowledgebase, troubleshooter, news and downloads publishing tools.
#######################################################################################################
Xploit:SQli Vulnerability
http://[site]/supportsuite/index.php?_m=news&_a=viewnews&newsid=[Sqli]
#######################################################################################################
# 0day no more
# Sid3^effects