========================================================================
| # Title     : codebase business directory pro 1.02 sql injection vulnerability
| # Author    : indoushka
| # email     : indoushka4ever@gmail.com
| # Tested on : windows 8.1 FranASSais V.(Pro)
| # Version   : v1.02
| # Vendor    : http://dl.persianscript.ir/script/codebase-business-directory-pro-php-script1.02(PersianScript.ir).zip
========================================================================

Sql injection :

http://codebasedev.com/directoryapp/demo/plugins/custom_fields/search.php?city_id=San%20Francisco&field_1=1&field_3[]=Breakfast&q=%40%40m419c&select_all=on&submit=1 (inject her)

Login : /admin


Greetz : 
jericho  http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com * Larry W. Cashdollar*
Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be *
---------------------------------------------------------------------------------------------------------------