BlogPHP version 2 suffers from a remote SQL injection vulnerability.
8222aa7e4cf4e929afaa04af9565175cc19133286f78e453966846a54c5291d9######################################################################################
[+] Title : BlogPHP v2 SQL Injection
[+] Name : BlogPHP
[+] Affected Version : v2
[+] Software Link : http://sourceforge.net/projects/blogphpscript/files/blogphpscript/2.0/BlogPHPv2.zip/download
[+] Tested on : (L):Vista & Windows Xp and Windows 7
[+] Dork : Google Dork: "Copyright ©2006 Powered by www.blogphp.net"
[+] Date : 09/08/2011
#######################################################################################
[+] Author : Yassin Aboukir
[+] Contact : 01Xp01@Gmail.com
[+] Site : http://www.yaboukir.com
#######################################################################################
# Special thanks to Paul Maaouchy for his First found in Members.html.
-- See More : http://www.exploit-db.com/exploits/17640/
#######################################################################################
[+] Error :
Operating Systems:
Warning: Division by zero in /home/Username/public_html/index.php on line 520
Unknown (0%)
Browsers:
Warning: Division by zero in /home/Username/public_html/index.php on line 552
Unknown (0%)
[+] How to exploit :
http://localhost/Path/index.php?act=stats&day=09&month=08&year=2011[SQL Me]
[+] Fix : upgrade to last release (v3)
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed