Saturday, 14 November 2009

KhullaBazaar.com Shopping Site SQL Vulnerability

Site: www.khullabazaar.com
Risk: High [Critical information can be stolen]
Notified: YES [in a way]
/*Action from Admin: N/A*/
Vulnerable file: You should figure it out easily
Exploit: The PHP script does not validate user input, which can be used to compromise the database.
Solution: sam207 has written an article on it.

If any of the site admins are viewing this page, you can contact me or sam to learn what's vulnerable and how to fix it. Don't take the pwnage negatively...
Thanks.

5 comments:

  1. hey lOrd, I've understood a little of what this SQL injection is, but I still can't inject. And what is SQLI, then......

    how do u guys hack the database table and even the scripts...

    you have to teach me, lord...
    and I found this site awesome too... thumbs up guys
  2. this site is absolutely awesome... I also feel like learning all this, please teach me too, bros...
  3. @Anon: you can learn from us but you really need to learn PHP and Python or PERL first and then jump into the hacking arena...
  4. also SQLi means SQL injection... following shortcut, guys...
